Equity Bank, a leading financial institution with operations in Uganda, has suffered a significant loss in its Kenyan operation due to a sophisticated credit card hack.
The hack, which occurred between April and July 2023, resulted in a loss of UGX 1.2 billion (KES 322.1 million), has raised concerns about the vulnerability of the bank’s regional operations to cybercrime.
Although the hack targeted the Kenyan operation, Equity Bank Uganda uses the same payment and fraud management system, prompting assurances from the bank that customer funds are secure.
According to reports, hackers infiltrated Equity Bank’s payment and fraud management system, altering security levels for three merchants. This allowed the merchants to process fraudulent transactions using stolen credit cards.
The Kenya Directorate of Criminal Investigations (DCI) has recommended prosecuting four suspects, including a Kenyan-Briton businessman, for their alleged involvement.
However, this is not the first time Equity Group has been embroiled in fraud investigations. In April 2024, eight suspects were charged with defrauding the bank by diverting and disbursing funds as unsecured loans to unqualified people.
The funds were used to fund personal gains, and some of the victims were relatives of the accused.
Additionally, in March 2024, Equity Bank Uganda announced that it was investigating staff over possible fraud in stock loans and agent float financing.
The bank said that the portfolio under investigation was worth approximately UGX 65 billion, which is nearly 2% of the bank’s total assets.
During the same sophisticated fraud, Kenneth Onyango, the former Executive Director for Commercial Banking at Equity Bank, was arrested and is being investigated in connection with the fraud.
Onyango, who reportedly resigned from the bank, was taken into custody on orders from the Directorate of Public Prosecutions (DPP).
Sources revealed that Onyango is being investigated for his alleged role in the fraud, which involved the disbursement of $16 million UGX 62 billion, mostly as unsecured loans to unqualified persons.
Onyango had worked with the bank in various capacities, heading its risk, operations, and business portfolios before being elevated to superintend commercial banking.
The incident highlights the growing threat of cybercrime in Uganda’s banking sector and the need for increased vigilance.
Customers are urged to remain cautious and report any suspicious transactions to the bank immediately.(ugstandard)