KCB to take legal action against originators of data breach claims  

KCB Group has moved to reassure its account holders about the security of its systems following the publication of an article which claimed that one of the bank’s systems had suffered a data breach.
The article, published by iAfrikan on October 19, stated that KCB “appears to have suffered a massive data breach as a file with the details of more than 500,000 customers, including their names and phone numbers, appeared online,” and quoted Burundian hacker Irakoze Chris (@irakChris) who shared the details on his Twiter handle.
According to the iAfrikan article, filed by Eric Mugendi from Nairobi, Irakoze first mentioned the alleged data breach which affected KCB’s mobile app in September this year.  

However in a statement released yesterday, KCB termed this whole incident as “malicious misinformation.”

“An investigation points to malicious misinformation that has caused concern amongst some of our customers. The alleged customer data breach has been found to be false. We wish to assure all our customers that our platforms and data are highly secured. KCB Group systems including the mobile App have been extensively tested and validated by our internal and the best external data security experts. Multiple layers of encryption, private keys and unique authentication are among the key embedded data security features that safeguard our mobile app. There is no breach to our systems,” noted the statement issued by the firm’s Corporate Affairs Department.

“The bank is working with the relevant authorities to take the necessary legal action against the parties who originated this misinformation,” it added, meaning that the bank, with operations in Kenya, Tanzania, South Sudan, Uganda, Rwanda, Burundi and a representative office in Ethiopia is considering legal action against both the hacker and the outlet which published the information, in this case iAfrikan.

Again, the fact that the statement was not signed off by the KCB Group CEO Joshua Oigara – but by Judith Sidi Odhiambo, Group Head of Corporate & Regulatory Affairs – may be an indication that KCB did not view the alleged data breach as serious enough to get the CEO’s attention and comment.

Leave a Reply

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.