Unity Bank called out for compromising customer’s data for three years

Unity Bank called out for compromising customer’s data for three years

An Egyptian has cried out over Unity Bank’s continued disclosure of a customer’s transaction details to him via emails since 2020. The Egyptian thi

Elumelu’s alleged link to N41bn NITEL contract fraud, malicious, untrue – UBA
UBA partners LCCI for 2019 Lagos International Trade Fair
Vice Chancellors hail Dangote’s impact on Nigeria’s agricultural revolution

An Egyptian has cried out over Unity Bank’s continued disclosure of a customer’s transaction details to him via emails since 2020.

The Egyptian third party, Adam Amin, said that he has been receiving the said customer’s account transaction alerts in the last three years.

Amin said that since 2021, he has been notifying the bank about the data breach but nothing has been done to correct it. The Egyptian added that he is worried about the safety of the customer, whose banking data may have been compromised.

Amin explained that when he first received the mail detailing the customer’s transaction, he thought it was from scammers so he waited for some months before reaching out to the bank in 2021. He also shared copies of emails sent to the bank with this newspaper.

Despite lodging complaints at the bank, he said he still receives transaction alerts even after blocking Unity Bank’s mail address from his electronic mail account.

“I have engaged with them on WhatsApp several times since 2021, they were very nice and cordial. They promised to look into it but then I started to receive the emails again and went back to them and they say they will look into it. Then I followed up, a week after and they said it’s still ongoing. At some point, they told me it was done but I was still receiving the alerts.

“I started pressuring them, then they requested I email them and I did, finally they said the issue has been dealt with and then I am still receiving the statement. I messaged again and they stopped responding. I have unsubscribed and blocked them and these alerts still find their way to my mail.”

The Central Bank of Nigeria on November 7, 2016, released the consumer protection framework to enhance consumer confidence in the financial services industry and promote financial stability, growth, and innovation.

Part five, section four of the framework says institutions must safeguard consumer data and assets, get consent for data collection, notify consumers of data exchange, keep accurate data, and review processing procedures regularly.

They are equally expected to: “Protect the privacy and confidentiality of consumer information and assets against unauthorized access, and be accountable for acts or omissions in respect thereof.

“Not transfer personal data of consumers to a third party without their express consent, except in compliance with a legal obligation.”

This isn’t the first time that Unity bank will be involved in breach of customer data.

On August 25, 2020, Bank Security, a Twitter handle focused on security threats in banks, reported that the database of Unity Bank was being shared online on hacker forums.

At least three other hacker forums reportedly shared the same database, according to Bank Security.

But the bank in a tweet assured its customers that it remains committed to safeguarding their personal details.