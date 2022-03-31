TransUnion hack: 'Change passwords. Look for unusual activity on bank accounts'
TransUnion has until 1 April to inform millions of people in South Africa that they have been compromised
It potentially faces fines of up to R10 million, and its CEO possibly faces imprisonment of up to 10 years
The regulator warns South Africans to be extra vigilant right now
RELATED: TransUnion hackers release Ramaphosa, Malema data in chatroom to prove they can
Last week, hacking collective N4ughtySecTU gained access to a TransUnion SA, compromising personal information such as banking details, ID numbers and credit scores of at least three million South Africans.
N4ughtySecTU demands R220 million from TransUnion.
The hackers also released to journalists data on President Cyril Ramaphosa and EFF leader Julius Malema in a private chatroom to prove they can do it.
The Protection of Personal Information Act (Popia) requires all private or public bodies that have experienced a security compromise to inform the Information Regulator of South Africa and the affected parties following such an incident.
The regulator has instructed TransUnion to report to it the following details:
Date on which the security compromise occurred
Cause of the security compromise
Details of investigations into the security compromise
Extent and materiality of the security compromise
Interim measures put in place to prevent a recurrence of the security compromise
Security measures that TransUnion has put in place to prevent a recurrence of the security compromise
Lester Kiewit interviewed Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa (scroll up to listen).
We don’t know if all people have been informed… We gave them a deadline of 1 April… They must comply with the law… We’ll check if they have reasonable security measures… Fines can be up to R10 million, a pittance considering the damage… The CEO [potentially] faces imprisonment…Advocate Pansy Tlakula, Chairperson - Information Regulator of South Africa
Look out for calls. Be vigilant and don’t give out information. Change your passwords… and look out for unusual activity on banking accounts… Don’t click on links…Advocate Pansy Tlakula, Chairperson - Information Regulator of South Africa
The private sector is taking compliance more seriously than the public sector…Advocate Pansy Tlakula, Chairperson - Information Regulator of South Africa
