* Likho Mbuka is a Moneyweb intern.
Banks are facing growing cybersecurity risks from third-party vendors, with experts warning that these external partners are increasingly becoming a weak link in protecting sensitive customer data.
Third-party vendors are the external service providers banks rely on for critical functions, including payments processing, IT systems, cloud services, and customer-facing platforms. These partnerships are essential for modern banking, but they also expand the number of potential entry points for cyber attacks.
Michael Lazenby, a cybersecurity specialist at Ziyasiza, says attackers are now deliberately targeting vendors as a way into larger, more secure systems.
“Third-party vendors have become a key focus for cyber criminals because they often create vulnerabilities while trying to integrate seamlessly into banking environments,” he says.
“Hackers see them as an easier backdoor into banks,” adds Lazenby.
The warning comes amid heightened concerns over data security in the banking sector following a recent breach at Standard Bank, where customer information was exposed in a cyber incident.
The bank has since said it is working with regulators and monitoring affected accounts, but details around the full extent of the breach remain unclear.
Moneyweb asked Standard Bank to clarify what data was accessed, how many clients were affected, how long the breach may have gone undetected, and what steps customers should take.
In a brief response, the bank said: “We continue to strengthen controls and enhance monitoring in line with industry best practice to safeguard client information. We have reported this incident to the relevant regulatory and law enforcement authorities, and we continue to co-operate with their processes.”
Standard Bank added that affected clients are being contacted in limited cases involving card details, with cards being replaced and transactions monitored using enhanced fraud detection systems.
The bank said it has implemented 24/7 fraud monitoring, strengthened authentication measures, and is tracking suspicious activity such as unusual logins, beneficiary changes and SIM-swap patterns.
Lazenby says incidents like these highlight how breaches may not always originate within a bank’s own systems, but through weaknesses in its wider digital ecosystem.
The growing dependence on shared platforms means a single breach can have far-reaching consequences.
“In many cases, multiple institutions use the same vendor, so one breach can affect several organisations at once,” warns Lazenby, adding that this can disrupt operations across payments systems and businesses that rely on banking infrastructure.
Higher vulnerability
Banks are particularly exposed given the value of the data and assets they hold.
“Vulnerability is at its highest in financial institutions because they protect the ‘golden egg’ money,” he says.
The challenge is compounded by the difficulty in detecting breaches linked to third parties. According to Lazenby, fewer than half of such breaches are identified by the organisations that rely on those vendors, with some remaining undetected for months.
This raises concerns about how long sensitive data could be exposed before institutions become aware of a problem. Common weaknesses include unpatched systems, insecure remote access, and giving vendors broad access to sensitive data without sufficient controls.
In some cases, third parties may also fail to properly encrypt data, increasing the risk of exposure. However, despite the involvement of external vendors, accountability ultimately remains with the institution.
“The primary organisation still carries the legal and regulatory responsibility,” Lazenby says, warning that failures can result in significant penalties and reputational damage.
As reliance on external partners grows, he says banks need to strengthen oversight of vendors, including continuous monitoring, stricter access controls and better alignment with internal cybersecurity standards.
For customers, the risks remain tangible, including potential fraud and identity theft, reinforcing the need for vigilance around unusual account activity and personal data security.