Old Mutual, Sanlam and Futuregrowth say no customer data was compromised in Curo cyberattack

accreditation
0:00
play article
Subscribers can listen to this article
Sanlam and Old Mutual's investment administration service provider, Curo Fund Services, experienced a cyberattack on 19 January. REUTERS/Kacper Pempel/File Photo
Sanlam and Old Mutual's investment administration service provider, Curo Fund Services, experienced a cyberattack on 19 January. REUTERS/Kacper Pempel/File Photo
  • Curo Fund Services experienced a cyberattack on 19 January.
  • The administrator, founded jointly by Sanlam and Old Mutual in 2012, has R2 trillion in assets under management and administration.
  • But Old Mutual, Sanlam and Futuregrowth say their customers have no reason to worry about their data being compromised.


Old Mutual, Sanlam and Futuregrowth say their customers have no reason to worry about the recent cyber-attack on their investment administration service provider's systems.

Curo Fund Services experienced a cyberattack on 19 January. According to a Sunday Times report, the Cape Town-based investments administrator was locked out of its systems until 24 January.

The administrator, founded jointly by Sanlam and Old Mutual in 2012, has R2 trillion in assets under management and administration.

All three firms said the attack affected their operations, too, for a limited period. Curo's systems could not process investment-related instructions from the investment houses.

"During this period, the outage affected Curo's ability to provide us with prices for some of our Old Mutual Unit Trust portfolios. We are in the process of applying the updated prices to those portfolios for those customers who transacted," said Old Mutual in a statement.

The investment businesses within Old Mutual, including Futuregrowth, decided to suspend trading in listed markets until 24 January to err on the side of caution. They have since resumed trading.

Sanlam said it implemented remedial actions to avoid negative impact on its clients. Its clients continued to trade while Curo's systems were being restored.

The insurer said it worked closely with Curo to analyse and investigate the nature and scope of the security breach.

"Sanlam can confirm that the affected systems at Curo did not contain any retail client data," it said in a short statement.

Futuregrowth also said no customer data was compromised.

"Detailed client information is held by Futuregrowth, not Curo. Curo is conducting a full IT forensic investigation at present which will identify the full impact of the attack and also the type of intrusion," said the investment house.

Old Mutual also said it does not share any personal client data with Curo. The security breach was isolated to Curo's systems and did not impact the insurer's firewalls.

At the time of publication, Fin24 had not received a response from Curo on whether the company had identified the source of the attack. But Old Mutual said the administrator is running a "detailed and comprehensive" forensic investigation to establish the extent of any data breaches.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
15.86
+0.1%
Rand - Pound
19.75
+0.2%
Rand - Euro
16.77
+0.1%
Rand - Aus dollar
11.14
+0.3%
Rand - Yen
0.12
-0.1%
Gold
1,842.49
+0.0%
Silver
21.89
-0.1%
Palladium
2,021.50
+0.6%
Platinum
965.50
-0.2%
Brent Crude
112.04
+2.6%
Top 40
61,726
0.0%
All Share
68,246
0.0%
Resource 10
71,337
0.0%
Industrial 25
75,802
0.0%
Financial 15
15,729
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot