JOHANNESBURG (Reuters) - South Africa’s central bank told lenders to be vigilant on Wednesday after criminals in Japan stole millions of dollars from automatic teller machines using fake credit cards from South Africa’s Standard Bank (SBKJ.J).
The criminal gang made 14,000 withdrawals in just three hours from bank machines at 7-Eleven convenience stores across Japan on May 15, withdrawing 1.4 billion yen ($13 million), according to a source familiar with the matter.
Central bank deputy governor Kuben Naidoo confirmed that Standard Bank would shoulder the losses.
“We will work with the law enforcement agencies to try and prevent and tackle those crimes,” Naidoo told reporters.
Rene van Wyk, the central bank’s registrar of banks, said lenders who rely on outside vendors should be careful as the cyber attacks were taking place abroad rather than in South Africa.
“So that vulnerability will always remain because you’re dependant on other parties, so that relationship between vendors and banks, that is one thing that we focus on,” he said.
Standard Bank said on Monday it had suffered the losses, not its customers, and that it had alerted the authorities. It estimated its total loss at 300 million rand ($19 million).
The bank has declined to comment further.
The criminals are still at large. Japan’s Mainichi newspaper, citing sources, said police suspect more than 100 people were involved in the theft which took place on the morning of May 15, a Sunday, in Tokyo and across 16 Japanese prefectures.
Most ATMs in 7-Eleven stores belong to Seven Bank, a Japanese lender part-owned by Seven & I Holdings (3382.T) which operates the convenience store chain in Japan. It is one of only two Japanese banks that allow withdrawals on foreign cards.
Experts said both banks should shoulder some blame for failing to monitor the flood of transactions, saying they should have had systems in place to detect unusual activity.
Deputy governor Naidoo said the central bank was pleased that Standard Bank had gone public over the theft.
“We don’t know all the details yet but we’re looking into it and we will take all the steps necessary to protect our payment systems and banking systems from similar attacks,” he said.
“We are working with the banks to ensure that they are constantly upgrading their ability to detect and repel cyber attacks. But you will always be subjected to these attacks.”
Writing by James Macharia; Editing by Susan Fenton