However in a statement released yesterday, KCB termed this whole incident as “malicious misinformation.”
“An investigation points to malicious misinformation that has caused concern amongst some of our customers. The alleged customer data breach has been found to be false. We wish to assure all our customers that our platforms and data are highly secured. KCB Group systems including the mobile App have been extensively tested and validated by our internal and the best external data security experts. Multiple layers of encryption, private keys and unique authentication are among the key embedded data security features that safeguard our mobile app. There is no breach to our systems,” noted the statement issued by the firm’s Corporate Affairs Department.
“The bank is working with the relevant authorities to take the necessary legal action against the parties who originated this misinformation,” it added, meaning that the bank, with operations in Kenya, Tanzania, South Sudan, Uganda, Rwanda, Burundi and a representative office in Ethiopia is considering legal action against both the hacker and the outlet which published the information, in this case iAfrikan.
Again, the fact that the statement was not signed off by the KCB Group CEO Joshua Oigara – but by Judith Sidi Odhiambo, Group Head of Corporate & Regulatory Affairs – may be an indication that KCB did not view the alleged data breach as serious enough to get the CEO’s attention and comment.