Standard Bank Data Breach: Hackers Release Stolen Customer Data

Severity: High (Score: 66.0)

Sources: Itweb.Co.Za, Classaction, Thebanker

Summary

On April 17, 2026, hackers publicly released data stolen from Standard Bank, following a breach disclosed on March 23, 2026. The breach involved unauthorized access to internal systems, exposing client records such as account numbers, business names, and ID numbers. The threat actor, known as Rootboy, claimed to have accessed Standard Bank and its insurer Liberty's systems for over three weeks, exfiltrating approximately 1.2 terabytes of data. Standard Bank confirmed that its core banking systems remained secure and unaffected. The bank is currently engaging with impacted clients and investigating the incident. Security experts warn of an increase in phishing attacks targeting customers due to the exposed personal information. The authenticity of the released data has not yet been independently verified. Key Points: • Hackers released data from Standard Bank, affecting customer privacy. • Rootboy claims to have exfiltrated 1.2 terabytes of data over three weeks. • Standard Bank's core banking systems were not compromised.

Key Entities

• Data Breach (attack_type)
• Phishing (attack_type)
• Bank3 (company)
• Liberty (company)
• Standard Bank (company)
• Citrix (company)
• South Africa (country)
• CWE-200 - Exposure of Sensitive Information (cwe)
• classaction.org (domain)
• Financial (industry)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1566 - Phishing (mitre_attack)
• App Dynamics (platform)
• Confluence (platform)
• JIRA (platform)
• Microsoft SQL Databases (platform)
• Oracle SQL Databases (platform)
• OneDrive (tool)