Hackers claim data stolen from 2 of SA's biggest credit bureaus, demand millions
Bruce Whitfield gets comment from Gilchrist Mushwana, Director of Cybersecurity at BDO Advisory Services.
Hackers claim to have breached the security of two of South Africa's biggest credit bureaus, TransUnion and Experian.
This alleged data hack could potentially expose the financial and personal data of millions of clients.
Neither company could confirm the details of the claim.
TimesLIVE reports that the Brazil-based N4ughtySecTU Group, which has hacked TransUnion before, told the publication it had again bypassed the organisation’s firewalls and security and managed to get away with the data.
In their communication to TimesLIVE, the hackers shared journalist Sabelo Skiti’s name and identity number through his personal WhatsApp... 'The N4aughtySec Group is currently inside your and your clients’ infrastructure and will expose all data and system files in the next 24 hours should our ransom demands not be met in 24 hours,' the hackers told both organisations in their closed message.TimesLIVE
The article quotes the group as demanding $30 million (around R565 million) from TransUnion and $30 million from Experian.
Instructions were given in the message sent to senior managers and directors at both organisations.
TransUnion South Africa says in a statement that it's aware of a financial demand from a 'threat actor' asserting they'd accessed its data.
While we are continuing to monitor closely, we have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated. We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim.TransUnion South Africa
Experian was more direct - a spokesperson said they'd investigated reports that Experian data in South Africa had been illegally obtained, and found these claims to be 'baseless'.
There is no evidence that our systems or data have been compromised in any way nor the systems or data of any of our clients. We take threats of this nature very seriously and will continue to review our systems for security.Experian
Bruce Whitfield gets some clarity about how this all works from Gilchrist Mushwana, Director of Cybersecurity at BDO Advisory Services.
Could it be that a data breach had actually occurred, it's just that no-one picked it up yet?
Not every cyberattack is about, or involves a data breach Mushwana says.
A data breach is basically when an intruder copies and leaks user information such as your name, email address and password... Some of the attacks can be just about disrupting a technology or a system, or causing panic for an organisation or targeting them in order to harm their reputation.Gilchrist Mushwana, Director: Cybersecurity - BDO Advisory Services
The tendency of hackers to claim they have stolen information is nothing new, Mushwana points out.
He says it's a tactic used precisely to create a sense of urgency or panic.
These two organisations are very high-profile. They deal with very serious business in terms of collecting and maintaining credit information of millions of consumers and businesses... They also play a very strategic role within financial services in terms of providing information that is related to credit.Gilchrist Mushwana, Director: Cybersecurity - BDO Advisory Services
Based on their size and also their profile, they should have some sort of a verification to be able to verify whether a data breach has taken place... And that happens through internal processes where investigations are done together with people assigned to do that within the organisation, supported by their partners like specialists such as ourselves at BDO.Gilchrist Mushwana, Director: Cybersecurity - BDO Advisory Services
Scroll up and listen to the interview audio for more detailed information
Source : https://pixabay.com/illustrations/ransomware-cyber-crime-malware-2321110/
More from Business
'Fmr Transnet management created toxic culture, but I have faith in new team'
Amid the ports crisis, Professor Jan Havenga (director, GAIN Group) provides some insight into how embattled Transnet CAN actually become functional again.Read More
New law to crack down on companies (also SOEs) that fail to prevent corruption
The 'groundbreaking' Failure to Prevent Corrupt Activities Offence is close to implementation says Adrian Roux, part of ENSafrica's Forensics team.Read More
No rate hike, but Kganyago warns again that MPC 'ready to act' on inflation risk
Reserve Bank Governor Lesetja Kganyago announced the Monetary Policy Committee's decision to keep the repo rate unchanged on Thursday.Read More
100% off deals?! OneDayOnly's Black Friday is here until 27 November
"OneDayOnly is Black Friday everyday," says Laurian Venter, Sales Director at OneDayOnly.Read More
South Africa among the top 35 most dangerous countries in the world - study
The Institute for Economics and Peace's latest Global Peace Index is not something the tourism industry would want to shout about.Read More
Crime costs South African economy 10% of GDP annually – World Bank
The report aims to provide to a better understanding of the impact of crime on South Africa’s economic growth.Read More
Economists split over inflation hike impact on SARB's repo rate decision
The inflation rate increase to 5.9% came in higher than expected, pushing to the edge of the central bank’s target band of 3% and 6%.Read More
Nedbank names Absa exec Jason Quinn as new CEO
Jason Quinn is leaving Absa for Nedbank where he'll take over from Mike Brown who steps down as CEO next year. Bruce Whitfield gets some background on the appointment from Nedbank chairperson Daniel Mminele.Read More
Car insurance: 'Personal use' likely means cover only for COMMUTING to work
Check the fine print of your policy, warns Wendy Knowler. Anything remotely work-related, no matter how ridiculous it may seem, could see your claim denied if you're covered for 'personal use'.Read More
More from Local
'Fmr Transnet management created toxic culture, but I have faith in new team'
Amid the ports crisis, Professor Jan Havenga (director, GAIN Group) provides some insight into how embattled Transnet CAN actually become functional again.Read More
New law to crack down on companies (also SOEs) that fail to prevent corruption
The 'groundbreaking' Failure to Prevent Corrupt Activities Offence is close to implementation says Adrian Roux, part of ENSafrica's Forensics team.Read More
No rate hike, but Kganyago warns again that MPC 'ready to act' on inflation risk
Reserve Bank Governor Lesetja Kganyago announced the Monetary Policy Committee's decision to keep the repo rate unchanged on Thursday.Read More
100% off deals?! OneDayOnly's Black Friday is here until 27 November
"OneDayOnly is Black Friday everyday," says Laurian Venter, Sales Director at OneDayOnly.Read More
ActionSA opens legal case against CoCT for pumping too much sewage into the sea
The City of Cape Town has allegedly been pumping more sewage into the ocean than what is allowed.Read More
Taps could run dry by 2030: 'We NEED to take water seriously'
South Africa is a water scarce country and could run out of drinking water by 2030.Read More
Lizards and other species are evolving with climate change, but not fast enough
Scientific studies show that climate change is occurring much faster than species are changing.Read More
Oscar Pistorius might be a free man tomorrow. Reevas mom 'not opposing release.'
Oscar Pistorius faces the parole board on Friday, 24 November 2023.Read More
South African politicians vs judges: new book defends the constitution
South Africa is facing an existential crisis of service delivery, which belies the post-apartheid optimism of good governance.Read More