FDH Bank confirms engaging criminal group ‘Shadow Kill’: Puts spit on data breach by hacktivists

FDH Bank has commented on a Nyasa Times story that hackers attacked the financial institution’s  system but the bank has put a spin that its customers data has not been compromised in any way despite admitting engaging the hactivists called ‘Shadow Kill’.

FDH Bank engaged hacktivists Shadow Kill
FDH Bank

According to a statement revealed by management of FDH Bank, which is on a path to list on the 14-counter Malawi Stock Exchange (MSE) by June 2020, the bank was contacted by Shadow Kill on November 13, 2019 through an anonymous email with claims that the group had breached the FDH Bank security protocols.

Despital details seen by Nyasa Times revealed a data breach resulting in the leak of information belonging of hundreds of customers,  FDH Bank downplays it as  “random computer commands, some staff email addresses and some mobile phone numbers.”

But Nyasa Times has seen that records were exposed, revealing the names, telephone numbers, email addresses, and transactions of clients including prominent people in the society.

FDH Bank said Shadow Kill demanded the bank to pay millions of kwachas through 4 Bitcoins, warning it will release such information to the general public.

But the bank said it noted that the information shared was “historical and meaningless.”

Reads the statement: “ The information collected by a former disgruntled employee in a misguided attempt to smear the organisation. The bank nevertheless engaged the purported group in order to extract more information as part of its risk management practices.”

But Nyasa Times saw correspondence between FDH Bank Head of IT, Ganizani Phiri  and Shadow Kill which Phiri asked if the hactivists were former employees. This was not established though.

FDH Bank said the engagement with the hacktivists was deliberately drawn out  as a comprehensive assessment of the bank systems was conducted.

The statement insists that “no breach had occurred and indeed the information shared and random commands were meaningless.”

FDH Bank said the engagement with the “criminal group” was terminated and in the meantime the bank is taking further action.

The management of FDH Bank said as a pioneer digital bank in Malawi, it is expected to be a target of malicious groups “seeking easy money, fame and attention such as Shadow Kill, just as other groups have targeted organisations like Google, Faceboook and Apple in recent times.”

While maintaining that it has not been hacked, FDH Bank, commits to continue to develop exciting solutions for customers and  regards customers funds and data security as key to its digital strategy.

In 2015, FDH Financial Holdings, the parent company of FDH Bank, bought an 80 percent stake in the then Malawi Government wholly-owned Malawi Savings Bank (MSB), which included five percent for the bank’s employees.

In 2017,  FDH Bank board approved the disposal of investment in MSB Properties Holdings Limited, which owned MSB Properties Limited to FDH Money Bureau Limited.

This was part of FDH Bank reorganisation to optimise the bank’s capital structure, according to the bank.

Follow and Subscribe Nyasa TV :

Sharing is caring!

newest oldest most voted
Notify of
Chilungamo Nchabwino
Guest
Chilungamo Nchabwino

If you understand the hacking culture then you know that FDH is lying. Shadow Kill are black hats not white hats. Where would FDH find a black hat hacker for hire? And no black hat would accept such a lame job.

The South African government could not find these guys when Shadow Kill held Johannesburg for ransom. So who is Mpinganjira.

Gamah
Guest
Gamah

atayeni amenewo. mpaka to get help from “russian hackers”. sign of incompetence. continue to support netball, football ndi zinazi. osati izi.

Harbson
Guest
Harbson

These are just crooks and stop communicating with them. The immediate remedy is for you to change all passwords frequently on your main system and also change passwords of all your emails. Be alert for any intruders.

Gamah
Guest
Gamah

atayeni amenewo. mpaka to get help from “russian hackers”. sign of incompetence. continue to support netball, football ndi zinazi. osati izi.

Mada Kalua
Guest
Mada Kalua

Kkkkkk then shadow kill is really disgruntled crew…

Tikambe
Guest
Tikambe

The plain meaning of the word “hacker” is “thief”. I am happy that the Bank did not pay the “Ransom”. Let them go and find something meaningful to do.

King's-son@265
Guest

this stupid

Kaka
Guest
Kaka

Ame eyo ndi said sulemani I. Do saulosi chakwer

Nasingwe
Guest
Nasingwe

a hack is a hack.
munatani a malawi bodza lopanda nalo manyazi ee

shares