Image
August 15, 2024
The bank in a statement on Thursday addressed recent media reports alleging that hackers had seized and cloned its website to intercept customer data.
Guaranty Trust Bank (GTBank) has confirmed that there was an isolated attempt to compromise its website domain.
The bank in a statement on Thursday addressed recent media reports alleging that hackers had seized and cloned its website to intercept customer data.
It said, “Our attention has been drawn to reports in the media alleging that hackers have seized the Bank's website, cloned it and intercepted customer data.
“While there was an isolated incident of an attempt to compromise our website domain, we would like to assure all our Customers and Stakeholders that the Bank's website has not been cloned and that we do not store customer information on our website, and as such, there has been no instance of compromise of customer data.”
“We would like to assure all our Customers and Stakeholders that the Bank's website has not been cloned,” the bank clarified.
It noted that the bank’s information security experts were working diligently to restore the domain settings. “Our dedicated team of Information Security Experts are currently working round the clock to restore domain settings,” the statement added.
GTBank urged customers to disregard the media claims and assured them of its commitment to data security. “We urge all our Customers to please disregard the claims in these media reports and assure you of our unwavering commitment to safeguarding customer data,” the bank concluded.
Meanwhile, SaharaReporters earlier on Thursday reported that concerns had been raised by numerous Nigerian social media users, particularly on X (formerly Twitter), regarding reports of a potential security breach of the bank’s website.
Users shared screenshots of the allegedly compromised website, sparking worries about the security of their personal and financial information.
Many have called on GTBank to promptly address the situation and provide reassurance about the safety of customer data.
An X user, SERAH Ibrahim said the suspected hacking started on Wednesday night. She added that the suspected hackers have created another HTTP layer of the website in an apparent ploy to steal customers’ data through phishing.
For instance, Serah Ibrahim wrote: “Suspected cybercriminals appeared to have compromised the domain address of Nigeria’s banking giant GTBank since Wednesday night, 14th August, 2024.
“The incident came a day after the domain name was renewed for another five years from August 13, 2024, through March 21, 2029, according to multiple online platforms that analyse domain information.
“No hacker has claimed responsibility for the vandalism yet, which appeared to have started midnight yesterday, August 14.
“Already, the attackers appeared to have created another HTTP layer of the website in an apparent ploy to steal customers’ data through phishing.
“A cybersecurity expert with experience in the Nigerian banking industry said it was possible that the bank’s login details were compromised, as against the domain address itself being stolen for a resale at a more lucrative deal online.
“This phishing attack has now caused Gtbank's domain name to be owned by someone else, either by the hackers or whoever they choose to sell it to.
“This brings the question if GTBank, being one of the biggest banks in Nigeria, did not have a DNSSEC set up which would have prevented or mitigated this hack.
“The bank’s mobile infrastructure did not appear to have been affected for now, as Android and iOS-based applications are still in operation.
“One thing is for sure, a lot of GTBank staff would definitely be losing their jobs this week.”
Follow the Sahara Reporters channel on WhatsApp: https://whatsapp.com/channel/0029VaFClvtH5JM6SSsP7M2Y