South African bank Absa has warned customers that a rogue employee sold on some of their personal data to an external third party.
ID numbers, contact details, physical home addresses, and account numbers are thought to have been compromised.
The banks says: "The leaked data relates to a small portion of Absa South Africa’s customer base to date, although investigations continue."
The bank states that upon discovering the contravention, it secured High Court orders for search and seizure operations at various premises and secured all devices containing the data. The data on these devices was subsequently destroyed.
The bank says it has stepped up monitoring of customer accounts exposed in the breach and put in place additional control measures to minimize the risk of reoccurrence in future.
Absa has brought criminal charges against the employee involved and says it may take further action in relation to the recipients of the data once the full scope of the leak is identified.