Cyber Incident Victim: South African Post Bank / Postbank
Date: May 2023
Location: Germany
Summary
A cyberattack targeting account switching service provider Majorel compromised over 144,000 customer datasets, primarily impacting Deutsche Bank subsidiary Postbank alongside the parent institution. Attackers exfiltrated names and IBAN account numbers from historical account migration records, with unauthorized access attributed to exploited software vulnerabilities at the third-party vendor. The breach affected customers who utilized the bank's switching services across multiple years, though stolen data lacked sufficient credentials for direct account access. Majorel addressed the vulnerability post-incident, while the bank notified impacted individuals. The incident potentially exposed data from over 100 organizations globally due to the provider's broad client base, with stolen records subsequently appearing on darknet platforms.
Description
The data breach impacting Deutsche Bank and its subsidiary Postbank originated from a security incident at external service provider Majorel, which supported the banks' account switching service. Attackers exploited a software vulnerability within Majorel's systems, enabling unauthorized access to customer data from the years 2016 to 2020. The compromised information included first names, last names, and IBAN account numbers of individuals who utilized the account switching functionality during those years. Deutsche Bank confirmed the breach stemmed from Majorel's infrastructure, though the vulnerability specifics were not disclosed. The bank emphasized that the stolen data alone could not facilitate unauthorized account access, attempting to downplay direct financial risks. Majorel addressed the vulnerability after detection, but the incident exposed over 144,000 customer records, with Postbank representing the most affected entity among the compromised financial institutions.

The breach's scope extended beyond Deutsche Bank Group, impacting more than 100 companies across 40 countries that utilized Majorel's services. Stolen datasets subsequently appeared on darknet platforms, increasing potential misuse risks despite the banks' reassurances. Deutsche Bank and Postbank notified affected customers through direct correspondence, disclosing the data categories involved but withholding the service provider's identity until media reports identified Majorel. The notification process confirmed temporal limitations, restricting impact to customers who engaged the switching service in 2016, 2017, 2018, and 2020. Customers were offered recourse to claim financial reimbursements for up to 13 months post-incident, though the rationale for this specific duration remained unspecified in bank communications. No additional technical safeguards or system overhauls beyond Majorel's vulnerability remediation were detailed in public disclosures.
