JOHANNESBURG, June 18 (Reuters) – South African insurer Liberty Holdings said on Sunday it had become the victim of a cyber attack after an external party claimed to have seized data from the firm and demanded payment.
Liberty, in which Standard Bank has a 53 percent
stake, was alerted of the illegal unauthorized access to its IT
infrastructure late on Thursday evening, group Chief Executive
David Munro said at a press briefing on Sunday.
Liberty did engage with the external parties involved to
determine their intention, but made no concessions “in the face
of this attempted extortion,” Munro said.
As part of an ongoing investigation, Liberty identified and
addressed specific vulnerabilities its IT infrastructure may
have had to secure its customer data, he said. The insurer has
alerted relevant authorities.
“Liberty is at an advanced stage of investigating the extent
of the data breach, which at this stage it seems to be largely
emails and possibly attachments,” said Munro.
“To be clear, at this stage there is no evidence that any of
our customers have suffered any financial losses.”
He said no further action was required from Liberty’s
customers at this stage and the insurer would inform customers
directly if it was discovered that they may have been impacted.
Liberty is in the middle of a turnaround plan that includes
greater focus on higher margin products and slower offshore
expansion under Munro, who took the reins almost a year ago.
Liberty, which competes with larger Sanlam and
Discovery, has lagged rivals operationally and on the
stock market over the last three years as a weak economy and
high interest rates in South Africa hit disposable incomes.