Cybersecurity Expert Reaction On Postbank Replaces 12 Million Bank Cards After Insider Theft

In response to news that South African bank Postbank was forced to replace 12-million bank cards after employees stole the ‘master key’ and more than $3 million, cybersecurity experts commented below.

Experts Comments

June 16, 2020
Saryu Nayyar
CEO
Gurucul
When it comes to insider threats, insiders with privilege inflict the most damage. In this case, privileged users abused their access to the bank's master key. Further, this single key was protected by the four eyes principle where at least two people were required to reproduce the full access key, as the 36-digit code had been divided between multiple parties. So much for added security. The corruption at this bank was coordinated across multiple bank managers and VIPs. The insider threat is .....Read More
When it comes to insider threats, insiders with privilege inflict the most damage. In this case, privileged users abused their access to the bank's master key. Further, this single key was protected by the four eyes principle where at least two people were required to reproduce the full access key, as the 36-digit code had been divided between multiple parties. So much for added security. The corruption at this bank was coordinated across multiple bank managers and VIPs. The insider threat is not always a lone wolf. As we see here, it can be a team of insiders who band together to orchestrate a coordinated effort to exfiltrate data or IP. If you're not securing your sensitive data from insider threats, you're missing the single most detrimental threat vector: crooked employees.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.