System lapses can occur but not to a level which cannot be tolerated! The banks should style up their systems and invest in reliability and security. It can happen but that shouldn't be an excuse.Lol On Tue, Oct 25, 2011 at 7:18 PM, Mash <mashlists@gmail.com> wrote:
Haggai, Don't quote me ( i was misquoted). But sincerely speaking, bad stuff does happen. I've ever received a claim to settle an overdrawn amount from an account I had not opened. On complaining to the top management, the account was immediately deleted. Anyways, system lapses occur.
Sent from My HTC
----- Reply message ----- From: "Haggai Nyang" <haggai.nyang@gmail.com> To: "Security Forum All information security discussions in Africa are done here (Hacking, Decryptions, Security management, physical security, Disastor Recovery, Security Assessments etc etc)" <security@lists.my.co.ke> Cc: "Skunkworks Mailing List" <skunkworks@lists.my.co.ke> Subject: [Skunkworks] [Security Forum] Security Breach on Cfc Stanbic Account Date: Tue, Oct 25, 2011 18:58
@mash that's scary news since you are in the banking sector... [?]
On Tue, Oct 25, 2011 at 18:32, Mash <mashlists@gmail.com> wrote:
From a banking perspective, these claims are possible but not through hacking. What normally happens is that in case of such withdraws via an atm, the card centre may have linked your account to the wrong ATM card n vice versa. Take it like a cashier doing an over the counter transactIon to the wrong account. It happens alot.
Sent from My HTC
----- Reply message ----- From: "ty" <tyruskam@gmail.com> To: "Skunkworks Mailing List" <skunkworks@lists.my.co.ke>, "[Security Forum]All information security discussions in kenya are done here (Hacking, Decryptions, Security management, physical security, Disastor Recovery, Security Assessments etc etc)" <security@lists.my.co.ke> Subject: [Skunkworks] Security Breach on Cfc Stanbic Account Date: Tue, Oct 25, 2011 16:54
An interesting thing to note, from my experience, only a handful of local banks and multinationals are PCI/DSS Compliant let alone self assured.
-tyrus
On Tue, Oct 25, 2011 at 4:41 PM, Kevin Omondi <kevin.ouma@gmail.com>wrote:
Could this be an inside Job ?
Regards Kevin
On Tue, Oct 25, 2011 at 4:13 PM, Okumu O. C. Edmund < edmund.okumu@gmail.com> wrote:
Interesting story line there. I do not work for CFC Stanbic except that i am also a dissatisfied customer who fled.
That not withstanding, as an Information Systems Risk specialist I noticed one thing when CFC merged with Stanbic and around that time I started having trouble with my accounts. It so happened that human was interfacing between two systems i.e. The then CFC system and the Stanbic System. I know that alot of work has been done to ensure that this no longer happens (No human interfacing between the two systems), but it still explains what might have transpired during the transition period.
I can imagine fictitious accounts, illegal transfers..... happening like in your case e.t.c.
On Mon, Oct 24, 2011 at 4:19 PM, Kevin Omondi <kevin.ouma@gmail.com>wrote:
Hi Skunks,
On Friday the 21st of October I noticed something strange with my Cfc Stanbic Account. While trying to withdraw money at the International House ATM, I realized from the system that avaibale balance was 300 kshs and Actual balance was the money which I was supposed to be having in my account ( lets for the sake of this discussion say its X shillings)
I reported this issue to the Bank branch and they mentioned that there was a possible problem
On Saturday while trying to withdraw money from the Buru Buru ATM, I got a message insuficient funds. On gettting a mini statement it shows VISA ATM withdrwals of equal amounts i.e x/3 done thrice to 3 decimal points which if added up summed up to x.
This looked like a well calculated hacking job. What I wondered is
cfc cards are not allowed for internet transactions ( at least mine) and furthermore they have no numbers on them. I have had my Card on me since opening my account .
After follow up, they told me that these transactions happened in Mozambique.
My question is what possible scenarios led to the hacking of my account and loss of cash as I have never used it on the net or swiped it anywhere ?
Im puzzled and told it has happened with a number of accounts at Cfc. If you are with the bank, be very careful.
Regards
Kevin
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Edmund C. O. Okumu P.O Box 8490-00200, Nairobi, Kenya. TEL: 254-721-734935
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
_______________________________________________ Security mailing list Security@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/security
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------ Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Raymond Rono, raymond.rono@gmail.com. 'One who understands much displays a greater simplicity of character than one who understands little.'
