The Equity Group Holdings Limited, formerly Equity Bank Group headed by Group Managing Director and Chief Executive Officer (CEO) James Mwangi is among the most profitable lenders in the country and in the region that has bore the unfortunate brunt of cyber-attacks just like many other financial institutions in the globe.
However, sneak peek by The Informer Media Group into the number of cases reported shows a high frequency of system breaches and fraud cases linked to insiders and external hackers against the tier one lender with subsidiaries in Kenya, Uganda, Tanzania, Democratic Republic of Congo, Rwanda and South Sudan points to a rather mind blowing trend.
Last month, Equity Bank resorted to hiring top fraud busters in efforts to beef up their seemingly susceptible internal anti-scam systems barely a month after losing Sh179million to hackers in one of the latest brazen attacks breaching their seemingly susceptible system firewall
The recent revelation of hackers siphoning over Sh179 million from 155 accounts within a mere seven days at Equity Bank has sparked considerable concern among its clientele, prompting fears regarding the security of their assets.
Equity Bank, in a letter ref: EBL/ SEC/003A/1.24/VOL.1/25, wrote to the Banking Fraud Investigations Unit of the Directorate of Criminal Investigations (DCI) and reported that Sh179,677,736 was fraudulently paid out to 551 bank accounts; Sh63,023,983 was sent to Mpesa and Sh39,047,344 to 11 other commercial banks.
This incident, coupled with reports suggesting a potential loss exceeding US$16million due to fraudulent activities related to stock loans and agent float financing in Uganda, has amplified apprehensions regarding the bank’s financial integrity.
In response to these developments, former Equity Bank Uganda Executive Director of Commercial Banking, Kenneth Onyango, has been apprehended in connection with ongoing investigations.
Notably, this is not the first instance of such breaches within the Equity Bank network, as evidenced by previous hacking incidents in Rwanda, resulting in significant financial losses and subsequent legal repercussions for the perpetrators.
Consequently, stakeholders are raising pertinent questions regarding the efficacy of Equity Bank’s financial systems and the sufficiency of its cybersecurity measures to thwart such intrusions.
There is a growing demand for comprehensive investigations into the bank’s operations, spearheaded by regulatory bodies such as the Central Bank of Kenya (CBK), to ascertain the root causes of these vulnerabilities and mitigate future risks.
Furthermore, concerns persist regarding the potential impact of these security breaches on Equity Bank’s financial stability and its standing within the banking industry, particularly in the East and Central regions where it holds a prominent position.
Stakeholders are keenly observing the steps taken by the bank to bolster its cybersecurity framework and prevent recurrence of such incidents, including collaboration with regulatory authorities and law enforcement agencies.
Pundits contend that amidst these challenges, it is imperative for Equity Bank to instill confidence among its customers by transparently addressing concerns, reinforcing security protocols, and cooperating fully with investigative authorities.
The resilience and responsiveness demonstrated in navigating these crises will be pivotal in restoring trust and preserving the bank’s reputation in the face of evolving cybersecurity threats.
The hacking incident has been compounded by reports that the bank could have lost more than US$ 16 million in stock loans and agent float financing fraud in Uganda.
As a result, a former Equity Bank Uganda, Executive Director of Commercial Banking, Kenneth Onyango, has been arrested in connection with ongoing investigations.
In the latest case, Equity Bank’s risk department has detected irregularities in transactions, with substantial sums diverted to various channels, including Safaricom M-Pesa and accounts in other commercial banks.
Equity Bank sought help from the Banking Fraud Unit after a group of hackers stole Sh179 million from 155 accounts at the bank in seven days.
In a letter to the unit seen by The Informer Media Group, the bank’s risk department said it had detected a spike in transactions from the bank’s Incoming MasterCard GL.
Efforts are underway to trace and recover the misappropriated funds, while stringent measures are being implemented to safeguard remaining assets.
In July 2021, nine hackers who included eight Kenyans and a Ugandan were jailed in Rwanda, after they hacked Equity Bank Rwanda and stole millions of shillings.
Concerned clients of Equity Bank in Kenya are raising questions about the bank’s financial systems and are calling for thorough investigations into the bank’s operations by the regulatory bodies led by the Central Bank of Kenya (CBK).
Banking sector experts are also asking questions on how the ongoing investigations into the hacking incidents will impact Equity Bank’s financial stability and future operations, the strategies the bank is implementing to enhance its cybersecurity measures and prevent future breaches and the kind of assistance it is seeking from regulatory bodies and law enforcement agencies to address the cybersecurity challenges it is facing.
The affected clients are asking what financial safeguards Equity Bank have in place to prevent such a substantial loss of funds and how the hackers managed to breach Equity Bank’s security systems and access so many accounts undetected?
They are also wondering whether there were any warning signs or red flags prior to the fraudulent transactions taking place and steps is Equity Bank taking to reassure its customers about the safety of their money and the integrity of its financial systems.
In a letter seen by The Informer Media Group, the bank’s risk department said it had detected a spike in transactions from the bank’s Incoming MasterCard GL.
Questions are also emerging whether as to whether there are any indications that the hacking incidents were facilitated by internal vulnerabilities within Equity Bank’s operations and what measures is the Central Bank of Kenya (CBK) considering to prevent similar cyberattacks on the bank and other financial institutions.
However, our attempts to reach the bank and CBK at the time of going to broadcast proved futile as our calls went unanswered.
The fraud was detected by Equity Bank’s risk department after more than Sh100 million had already left the bank’s system through M-Pesa and accounts belonging to 11 other commercial banks.
According to a letter, the attack took place between April 9 and 15, 2024 when the bank detected an abnormally high movement of cash from certain accounts.
“In the early hours of 15 April, the bank’s risk department detected an increase in transactions originating from the bank’s inbound Mastercard GL.” Gerald Munyiri, Equity’s General Manager for security and investigations said in the letter.
Banking sector players are assessing the repercussions the recent hacking incidents could have on Equity Bank’s reputation and standing in the banking industry and its role as a market leader in the banking sector in the East and Central region.
“Preliminary investigations revealed that Sh179.6 million was fraudulently disbursed from the GL to Equity Bank’s 551 accounts during the period. In addition, investigations revealed that Sh63 million was sent to Safaricom M-Pesa and Sh39 million to 11 commercial banks.” The letter adds in part.
It was detected by Equity Bank’s risk department after more than Sh100 million had already left the bank’s system through M-Pesa and accounts belonging to 11 other commercial banks.
Preliminary investigations revealed that Sh179.6 million was fraudulently disbursed from the GL to Equity Bank’s 551 accounts during the period.
In addition, investigations revealed that Sh63 million was sent to Safaricom M-Pesa and Sh39 million to 11 commercial banks.
Investigations also revealed that Sh63million was sent to Safaricom M-Pesa and Sh39million to 11 commercial banks.
The police and the bank are working with Safaricom and the respective banks to trace the movement and secure the funds while the suspects are sought. Meanwhile, Equity has obtained a lien of Sh60.7million on the 551 accounts.
Meanwhile, Equity has obtained a lien of Sh60.7 million on the 551 accounts. Equity has since contacted Safaricom to assist in tracing the whereabouts of the missing Sh100 million.
According to the Central Bank of Kenya (CBK), bank card fraud occurs in a number of ways, including phishing, where fraudsters send an email or text message that appears to be from your bank or a reputable financial institution.
In April this year, a former Equity Bank Uganda, Executive Director of Commercial Banking, Onyango, was arrested in connection with ongoing investigations into alleged stock loans and agent float financing fraud.
The Daily Monitor reported that Onyango was taken into custody on orders from the Directorate of Public Prosecutions (DPP).
“He is being investigated in line with that case [fraud]. It’s true he is in police custody. DPP will guide on the next course of action.” The Monitor reported.
Images of a handcuffed Onyango, who reportedly resigned from the bank last month, were shared on various social media platforms.
Equity is reported to have accepted his resignation with “immediate effect”, subject to the outcomes of investigations, which by then were underway.
In March this year, some Equity Bank Uganda Ltd employees were placed under investigation for alleged fraud involving stock loan and agent float financing.
Stock finance is a lending service that allows businesses to borrow working capital against their goods. Agent float loan allows bank and mobile money agents to access unsecured loans for their operations.
The amount being investigated is approximately Ush65 billion ($16.7 million).
“We regret to inform you that we have recently identified a possible fraud on our stock loan and agent financing products.” The bank said in a statement addressed to its customers and shareholders.
“People of interest, including a few of our staff and customers, are currently assisting with investigations by the relevant law enforcement authorities.” The bank added.
In July 2021, nine hackers who included eight Kenyans and a Ugandan were jailed in Rwanda, after they hacked Equity Bank Rwanda and stole millions of shillings.
All the suspects were convicted of criminal mischief or misdemeanour, computer access to information intended to commit a crime, change of computer information or network, unauthorised computer access and stealing.
The suspects were handed eight-year jail terms and fined Rwf56 million (about $55,600). The nine were part of a 12-man gang arrested in 2019 by the Rwandan Investigation Bureau (RIB) that included three Rwandan nationals.
Regional security teams had trailed the gang linked to bank hacking attempts in Kenya and Uganda and had notified Rwandan officials when they set up shop there.
The members of the organised group were arrested while hacking into Equity Bank accounts and funnelling the cash to Rwandans to draw out funds through Eazzy banking and ATMs.
“The court tendered the verdict on the five charges; unauthorised access to s computer or a computer system data; access to data with intent to commit an offence; unauthorised modification of computer or computer system data; theft; and formation of or joining a criminal association.” Taarifa Rwanda reported.
Other banks in the country that have suffered similar fate include NCBA and Family Bank.
In 2020, two suspects, then second-year students at Jomo Kenyatta University of Agriculture and Technology (JKUAT) university students charged at Milimani Law Courts for stealing Sh25million from NCBA Bank through hacking.
They were also said to have attempted to steal an additional Sh190.7million from the same bank.
And in 2019, Geffrey Oduor Ojow also known as Jeff Madole aka Jeff Mzee aka Jojo Udukuzi was charged before Milimani Court magistrate Zainab Abdul for allegedly hacking of Family Bank computer system.
He was charged with three counts- which include unauthorized access to computer data, remotely gaining access to family bank networks and accessing the lender’s systems with an intent to steal.
However, he denied the charges.