A few weeks ago, "KCB Heist" became a trending topic on social media, with word going around that the bank's system had been hacked, and many rushed to catch the loot.
However, this was due to technical glitches during a critical data migration that allowed customers at the bank to withdraw sums above their bank balances without immediate detection. According to a report by tech magazine TechCabal, KCB Group customers withdrew around $7.7 million (KES 1 billion) from October 11 to 31.
The bank has since restricted accounts with overdrawn balances and informed the affected customers.
According to reports, the bank is also preparing to use loan recovery companies to go after the customers. After migrating its database to a location centre, KCB attempted to integrate its cloud database, leading to a sync error. The bank’s KCB-M-Pesa target savings accounts, which let people access short-term loans and save, were the worst hit, allowing customers to withdraw up to three times their saved amount.
TechCabal reported that the glitches, which lasted three weeks, show a bank struggling to modernise its IT infrastructure. According to the report, a high-priority notice to KCB staff during the crisis indicated that employees were sometimes unable to access the affected systems, leading to prolonged service interruption or total outage. The bank has yet to comment on the glitches; however, top executives discussed addressing the issue at a crisis meeting and explored recovery options.
The episode aligns with broader concerns over fraud and cybersecurity in Kenya’s financial sector. TransUnion Africa reports that banks in the country lose about $130 million annually to fraud, and cases often remain unpublicized but are monitored by the Central Bank of Kenya (CBK) and relevant regulators.
To mitigate such issues, banks and similar organizations often use strategies like phased rollouts, parallel running (maintaining the old system temporarily), and redundant validation checks to catch errors before they affect live accounts. This incident with KCB suggests that despite these precautions, synchronization between on-premise and cloud systems can still result in critical vulnerabilities if not fully optimized.
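The parallel-running and redundant-validation ideas above can be sketched as follows. This is an added example, not KCB's code or anything from the TechCabal report; the function names, account ids and balances are hypothetical and constructed for illustration. The check fails closed: a withdrawal is approved only when the old and new stores agree on the balance and the amount fits within it.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Decision:
    approved: bool
    reason: str


def authorize_withdrawal(account_id, amount, legacy, cloud, tolerance=Decimal("0.00")):
    """Parallel-run check: approve only if both stores agree and funds suffice."""
    amount = Decimal(amount)
    if amount <= 0:
        return Decision(False, "invalid_amount")
    old, new = legacy.get(account_id), cloud.get(account_id)
    if old is None or new is None:
        # Account not yet migrated (or lost in migration): refuse, do not guess.
        return Decision(False, "missing_in_one_store")
    if abs(old - new) > tolerance:
        # A sync error shows up here as two different balances.
        return Decision(False, "balance_mismatch")
    if amount > min(old, new):
        return Decision(False, "insufficient_funds")
    return Decision(True, "ok")


def reconcile(legacy, cloud, tolerance=Decimal("0.00")):
    """Return sorted account ids needing review: missing, diverged, or overdrawn."""
    flagged = []
    for acct in sorted(set(legacy) | set(cloud)):
        old, new = legacy.get(acct), cloud.get(acct)
        if old is None or new is None or abs(old - new) > tolerance or min(old, new) < 0:
            flagged.append(acct)
    return flagged


# Constructed sample data: A2 diverged during sync, A3 was never copied,
# A4 exists only in the new store and is already overdrawn.
LEGACY = {"A1": Decimal("1000.00"), "A2": Decimal("500.00"), "A3": Decimal("250.00")}
CLOUD = {"A1": Decimal("1000.00"), "A2": Decimal("1500.00"), "A4": Decimal("-200.00")}

if __name__ == "__main__":
    for acct, amt in [("A1", "300.00"), ("A1", "1200.00"), ("A2", "600.00"), ("A3", "100.00")]:
        print(acct, amt, authorize_withdrawal(acct, amt, LEGACY, CLOUD))
    print("needs review:", reconcile(LEGACY, CLOUD))
```

Running `reconcile` on a schedule during the migration window surfaces diverged accounts within one cycle.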
The bank’s response, which includes restricting accounts and possibly using recovery agents, is standard in such overdraft scenarios, but this case also underscores the importance of cloud and database migration resilience, especially in financial services where trust and accuracy are vital.