Home Cyber Security South African bank forced to replace 12M cards after master key gets...

South African bank forced to replace 12M cards after master key gets stolen by employees

Card masterkey
Card masterkey

We had heard some of the strangest things on the internet but this has to be the worst of lapses in the credit card company history because of the damage it has caused to the company and their customers in general. The report is such that a South African Bank named Postbank will have to replace 12 million cards of its customers because of a fault from their employees. The report is such that Postbank’s employees stole the master key which is kept secret with the bank employees only and can be used to track and transact from the card.

As per the report, Postbank will not only have to replace 12M cards and incur the losses but it already “lost more than $3.2 million from fraudulent transactions and will now have to replace more than 12 million cards for its customers after employees printed and then stole its master key”. This means that the bank has had to get a double whammy because of its employees who stole the master key.

A local newspaper reports that “the incident took place in December 2018 when someone printed the bank’s master key on a piece of paper at its old data centre in the city of Pretoria”. Also, the bank has been doing an internal security audit in this matter and the investigation which is yet to be completed suggests that their own employees might be involved in this.

As for the master key, “it is a 36-digit code (encryption key) that allows its holder to decrypt the bank’s operations and even access and modify banking systems. It is also used to generate keys for customer cards”. Clearly, the master key is a very important number for any bank and not something that should be printed and stolen and it does look like no one from the outside could have accessed it so the obvious doubts goes on the internal people.