JOHANNESBURG (Reuters) – South African insurer Liberty Holdings said on Sunday it had become the victim of a cyber attack after an external party claimed to have seized data from the firm and demanded payment. (Updated Monday 18 June 2018, 09h30.)
Liberty, in which Standard Bank has a 53 percent stake, was alerted of the illegal unauthorized access to its IT infrastructure late on Thursday evening, group Chief Executive David Munro said at a press briefing on Sunday.
Liberty did engage with the external parties involved to determine their intention, but made no concessions “in the face of this attempted extortion,” Munro said.
As part of an ongoing investigation, Liberty identified and addressed specific vulnerabilities its IT infrastructure may have had to secure its customer data, he said. The insurer has alerted relevant authorities.
“Liberty is at an advanced stage of investigating the extent of the data breach, which at this stage it seems to be largely emails and possibly attachments,” said Munro.
“To be clear, at this stage there is no evidence that any of our customers have suffered any financial losses.”
He said no further action was required from Liberty’s customers at this stage and the insurer would inform customers directly if it was discovered that they may have been impacted.
Liberty is in the middle of a turnaround plan that includes greater focus on higher margin products and slower offshore expansion under Munro, who took the reins almost a year ago.
Liberty, which competes with larger Sanlam and Discovery, has lagged rivals operationally and on the stock market over the last three years as a weak economy and high interest rates in South Africa hit disposable incomes.
(Reporting by Nqobile Dludla; Editing by Dale Hudson and Ros Russell)