Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
eNL Mutual Bank

eNL Mutual Bank Vendor Cyber Rating & Cyber Score

enlbank.com

eNL Mutual Bank | A Mutual Bank for the People South Africa’s first majority black women-owned mutual bank. We’re reengineering ownership, people-powered, and empowering underserved communities through inclusive, secure, and ethical banking. We are the Bank we’ve been waiting for.


EMB A.I CyberSecurity Scoring

EMB
Company Information
Website:https://www.enlbank.com/
Employees number:2
Number of followers:549
NAICS:52211
Industry Type:Banking
Homepage:enlbank.com
EMB Risk Score (AI oriented)
Between 650 and 699
logo
EMBBanking
Updated:
24/04/2026
682/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
EMB Global Score (TPRM)
xxxx
logo
EMBBanking
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

EMB
EMBWeak
Current Score
682B (WEAK)
01000
1 incidents
-68 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
685Before Incident
JUNE 2026
685Before Incident
MAY 2026
683Before Incident
APRIL 2026
750Before Incident
Breach
16 Apr 2026EMB
eNL Mutual Bank: New bank takes swift action after GroundUp alerts it to data breach

eNL Mutual Bank Exposes Customer Data in Major Security Lapse

682After Incident
CRITICAL-68
ENL1777026556
eNL Mutual Bank Exposes Customer Data in Major Security Lapse eNL Mutual Bank, South Africa’s first black-owned, women-led mutual bank, inadvertently exposed sensitive customer data due to a security misconfiguration. The breach was discovered on 16 April 2024 by Joel Cedras, an IT consultant working with GroundUp, who found that confidential information was publicly accessible via a URL (enlsystembo.co.za) and its corresponding IP address (102.131.62.58). The exposed data included full names, SA ID numbers, addresses, emails, phone numbers, bank account details, transaction histories, unencrypted card information, and database credentials all accessible without hacking or unauthorized access. The leak violated the Protection of Personal Information Act (POPIA), prompting GroundUp to report the incident to the Information Regulator (IR). Despite the IR’s R100-million-plus annual budget, the reporting process was cumbersome, requiring submission through an inefficient content management system. No response was received from the IR, nor from the Reserve Bank or Financial Sector Conduct Authority, beyond an automated acknowledgment. eNL Mutual acted swiftly upon notification, taking the exposed URL offline by Friday noon and assuming full responsibility. The bank confirmed the breach stemmed from a misconfiguration in a non-production environment and is treating it as a formal data leakage incident. It is notifying affected customers, engaging with regulators, and reinforcing security measures. The bank emphasized accountability, stating that it remains responsible for protecting customer data, whether managed internally or by third parties. eNL Mutual, which received its banking license in January 2024, operates exclusively online under founder Nthabeleng Likotsi. The incident highlights vulnerabilities in digital banking infrastructure and regulatory response gaps.
INCIDENT DETAILS -
TYPE
Data Leakage
IMPACT
Data Compromised: Full names, SA ID numbers, addresses, emails, phone numbers, bank account details, transaction histories, unencrypted card information, database credentialsSystems Affected: Non-production environment (enlsystembo.co.za, IP: 102.131.62.58)Operational Impact: Bank took the exposed URL offline and reinforced security measuresBrand Reputation Impact: Potential damage to brand reputation as a newly licensed digital bankLegal Liabilities: Violation of POPIA, potential fines and legal actionsIdentity Theft Risk: High (exposure of SA ID numbers, bank account details, and unencrypted card information)Payment Information Risk: High (unencrypted card information exposed)
DATA BREACH
Personally Identifiable Information (PII)Financial DataDatabase CredentialsSensitivity Of Data: High (SA ID numbers, bank account details, unencrypted card information)Data Exfiltration: No evidence of data exfiltration (publicly accessible without hacking)Data Encryption: No (unencrypted card information exposed)Personally Identifiable Information: Full names, SA ID numbers, addresses, emails, phone numbers
MARCH 2026
750Before Incident
FEBRUARY 2026
750Before Incident
JANUARY 2026
750Before Incident
DECEMBER 2025
750Before Incident
NOVEMBER 2025
750Before Incident
OCTOBER 2025
750Before Incident
SEPTEMBER 2025
750Before Incident
AUGUST 2025
750Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for EMB ?
?
What was EMB's A.I Rankiteo Cyber Score in June 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in May 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in April 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in March 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in February 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in January 2026 ?
?
What was EMB's A.I Rankiteo Cyber Score in December 2025 ?
?
What was EMB's A.I Rankiteo Cyber Score in November 2025 ?
?
What was EMB's A.I Rankiteo Cyber Score in October 2025 ?
?
What was EMB's A.I Rankiteo Cyber Score in September 2025 ?
?
What was EMB's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on EMB's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with EMB ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view EMB's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?