Equity Bank Kenya has confirmed that one of its customers suffered a loss after her email account was compromised and said it has opened proceedings with law enforcement to recover the funds.
The Kenyan bank claims it has established that a third party accessed the customer’s email and that banking credentials were subsequently used to execute unauthorized transactions.
“Following a thorough investigation, it was established that the customer’s email was compromised through fraudulent third-party access (hacking) and her banking credentials accessed,” Equity Bank Kenya stated in a notice to its customers.
On social media, a video of a customer alleged that KES 300,000 ($2,314) disappeared from her account shortly after she deposited the cash. The video alleges this hack happened after the victim had deposited money into her account at the Kahawa West branch.
READ: Mobile Finance Has Become Kenya’s Biggest Cybercrime Target
In posts seen by Techweez, she said she had been told any resolution could take between three and six months. Equity Bank’s notice did not specify the amount lost by its customer, nor did it disclose details of the recovery timeline.
The use of a customer’s email to compromise an account is yet another red flag for a financial institution that has been a digital leader. Currently, Equity Bank’s digital channels handle 88% of transactions.
This incident comes after Equity Bank Rwanda lost approximately USD 3.4 million back in March. It also comes at a time when the country is experiencing a sharp rise in cybersecurity threats.
Equity Bank Kenya is the largest bank subsidiary of Equity Group Holdings Plc and has over 212 branches in the country. It is currently Kenya’s second-largest in terms of asset base.
