From ransomware to identity theft: How bank attacks can affect you

In mid-January 2026, Land and Agricultural Development Bank of South Africa suffered a ransomware cyberattack that disrupted its internal IT systems.

It is believed that the attack encrypted part of the bank’s servers and caused the temporary suspension of services. According to reports, the bank has notified authorities of the incident and is investigating the full impact.

But the Land is not the first or even only bank to be hit with a cyberattack. Bank attacks are common around the world, which begs the question: How does it affect us? 

So what happens when a cyberattack hits a bank?

1. Disruption of services

Cyberattacks, especially ransomware, can cause service outages. During this time, customers may be unable to access online banking, ATMs, transfers, or balance inquiries until systems are restored.

2. Data exposure and security risks

Breaches can expose customer data, including account numbers, personal information, and transaction histories, which may then be used for identity theft, fraud, or targeted scams. Similar breaches elsewhere (e.g., the recent French national account registry hack) have shown how exposed data can fuel phishing and fraudulent activity.

3. Financial costs for the bank

For banks themselves, cyberattacks can lead to:

• Cleanup costs (forensic teams, rebuilding systems);
• Regulatory fines if customer data protection laws are breached;
• Reputational damage is causing customers to migrate elsewhere.

Are customers at risk of losing money?

It’s possible, but it's worth noting that major banks typically protect customer funds. Here’s how risk plays out in real scenarios:

Direct theft from your account

If hackers gain access to your login credentials or bank authentication tokens, they could attempt to drain funds or make fraudulent transfers. This risk increases when credentials are weak or stolen through phishing scams.

Identity theft

Compromised information can be used to open accounts, apply for loans, or commit fraud in your name, even if your bank account balance isn’t directly hit.

Bank safeguards and regulations

Banks and regulators have fraud protection frameworks that detect unusual activity and reverse unauthorised transactions.

In many countries, including South Africa, customers are generally protected as long as the loss isn’t due to negligence (like sharing your PIN or ignoring alerts).

However, if your money is held in an unregulated or fake financial scheme, you could lose it permanently.

Why are banks targeted?

• Financial institutions are prime targets for cybercriminals because:
• They hold high-value data and money.
• Their systems are complex and interconnected, with many potential weak points.
• Old software and third-party services can provide access routes for attackers.
• Banks also face constant assault from sophisticated threats like phishing, ransomware, malware, and social engineering.
• How Customers Can Protect Themselves

While banks invest heavily in cybersecurity, customers also have a role. Try the following to prevent damage and to keep yourself as safe as you could be.  

Use strong, unique passwords and enable two-factor authentication.

Monitor account activity and set alerts for transactions.

Avoid public Wi-Fi when logging into banking services.

Be cautious with emails or messages asking for banking details.

IOL