Kenya’s National Bank Loses Millions to Hackers as Bank Downplays Event

National Bank of Kenya

It appears that cyber security concerns are not going away, at least not in the near future if happenings in the digital world are anything to go by. The latest manifestations of such an intrusion has affected a local financial institution, namely the National Bank of Kenya (NBK).

In a statement sent out by the institution a few moments ago, the bank admits it lost a substantial amount of money to fraud.

“We confirm that there was an attempted fraud in normal course of business on 17th January but the bank’s monitoring and security resources frustrated the attempt.

“The amount of attempted fraud is about KES 29 million and we are confident we will recover most of that money. Security are in pursuit of the fraudsters and investigations are ongoing. Customer account have not been affected and the latest social media speculation on the potential loss is incorrect,” reads a statement from the bank.

First and foremost, the loss of KES 29 M is substantial to say the least. While we do not have facts at hand, there is no way we can ascertain if that figure is true or otherwise because it has been established before that such institutions downplay losses to win the trust of their customers, else a panic ensues and clients move to competitors.

The second issue regarding the statement is based on the assurance that customer accounts have not been affected, which is as absurd as it sounds. While the bank’s security resources may have thwarted the theft, it is apparent that the money that slipped away came from one or multiple of the bank’s account holders.

This takes us to the third aspect of the statement, which is vagueness. Other than the amount lost, the bank has not given clear details of what transpired during the breach (that occurred yesterday), and word has it that a loophole was found in the process of transferring cash from the bank to M-PESA, which is why the service has been suspended for the time being.

For the moment, the details of the cyber crime are scanty at best. This also marks a time that emphasizes on cyber security concerns, with several global and local IT companies predicting that intrusions will be worse.