Five massive data breaches affecting South Africans

Following the Liberty Holding’s data breach, the Information Regulator is concerned about the increasing number of cyber attacks affecting personal data in South Africa.

“Without a fully functional Information Regulator, these breaches will continue to occur without sanctions provided for in the Protection of Personal Information Act (POPIA),” said chairperson Advocate Pansy Tlakula.

Tlakula urged “the powers that be to assist it in fast tracking its operationalisation”.

According to corporate law firm Michalsons, certain limited sections of POPIA have already been implemented. However, the bulk of the legislation will only commence at a later date, to be proclaimed by the president. As there is a one-year grace period, the POPIA deadline might only be set for the end of 2019 or in 2020.

In the meantime, South Africans are coming under heightened attack from cyber criminals and hackers.

Andrew Chester, MD of Ukuvuma Security, told Fin24 that affected clients or users should immediately alert their banks and cellphone provider. They should also undertake a credit check as well as a Google search to determine whether their personal information is in the public domain.

Liberty email hack

In SMSs to clients on Saturday, financial services company Liberty informed them that its email repository had been breached by a third party trying to demand a “ransom” in exchange for the data.

Liberty has not revealed much about the breach, citing a police investigation. CEO David Munro confirmed that Liberty’s insurance clients were the only ones affected, and that none of its other business had been compromised.

READ MORE: ‘Liberty breach should never have happened’ — cybersecurity expert

The company said none of its clients have been impacted financially, and that individuals will be personally advised if their information has been affected.

ViewFines licence details

In May the Hawks, the State Security Agency and the Information Regulator said they would probe the breach of personal records of 943 000 South African drivers, allegedly from online traffic fine website ViewFines.

The information reportedly contained the names, identity numbers and email addresses of South African drivers stored on the ViewFines website in plaintext.

The ViewFines website is owned by Aggregated Payment Systems. News24 reported that its operations manager confirmed the company was “implementing security measures immediately” to improve the website after being informed of the breach.

The source of the data was located by Troy Hunt, an Australian security researcher and creator of the free service Have I Been Pwned, which checks whether an individual’s information has been compromised.

Facebook scandal

While Facebook founder and CEO Mark Zuckerberg had to face angry lawmakers in the US and European Union, it was reported that the data breach involving the UK political consultancy affected almost 60 000 South African users.

READ MORE: One Facebook app, a data leak of 60 000 users

In May, the Information Commissioner’s Office of the United Kingdom (which regulates Facebook outside the US and Canada) advised the Information Regulator of South Africa that over 87 million people had been affected worldwide.

However, no evidence could be found of South Africans having been targeted, as the majority of users involved were in the US.

Master Deed’s data breach “biggest” digital security threat in SA

Hunt was once again instrumental in revealing what was known as the “biggest” data breach in South African history, together with iAfrikan CEO Tefo Mohapi in October 2017.

Over 60 million South Africans’ personal data, from ID numbers to company directorships, was believed to have been affected.

The information was traced to Jigsaw Holdings, a holding company for several real estate firms including Realty1, ERA and Aida. The information reportedly came from credit bureau agencies, and was used to vet potential clients.

The information trove was found not to have been hacked, as it was stored in an easily accessible manner on an open web server.

Ster-Kinekor’s database compromised

Movie theatre chain Ster-Kinekor was responsible for up to 7 million South Africans falling victim to a data leak in March 2017.

Fin24 reported that Durban developer Matt Cavanagh announced he had discovered a flaw in Ster-Kinekor’s booking website, and that he had reported it to the company.

There were between 6 and 7 million users in the database. Of those, 1.6 million people had email addresses linked to them on the movie theatre chain’s database. — Fin 24

Tehillah Niselow
Tehillah Nieselow
Tehillah Nieselow is a Journalist at Power FM. She Covers labour issues, strikes, protests and general stories
Advertisting

Strike-off case pulls in judge

Judge Mushtak Parker is implicated in an application to strike off his former partners. He is also involved in the fight between the Western Cape high court’s judge president and his deputy

One strike and you’re out – registrar tells unions

A municipal workers’ union is the first to be sanctioned for not following the new rule when deciding whether to go on strike
Advertising

Press Releases

Dr Mathew Moyo’s journey to academic victory

The NWU's chief director for library and information services was appointed as a board member of the National Council for Library and Information Services.

UKZN pays tribute to Joseph Shabalala, Doctor of Music (honoris causa)

The university joins the global community in mourning the passing of legendary musician and founding member of Ladysmith Black Mambazo, Dr Bhekizizwe Joseph Shabalala.

South Africa to be almost R 14-billion wealthier when SAB Zenzele BB-BBEE scheme winds down in April 2020

It’s the biggest BB-BEE FMCG payout in South Africa’s history, with a new scheme to be launched

UKZN vice-chancellor calls for perspective and creative engagement on the way forward

In addition to overcoming the deadlock between UKZN and students, a way must be found to reconcile the university's financial obligations and students' long-term needs.

Survey shows South Africans’ approval of president but not of political parties

According to the survey, 62% of South Africans think Cyril Ramaphosa is doing his job well, while 39% say no political party represents their views.

Andrew Makenete joins Africa Agri Tech as an event ambassador

Makenete has a wealth of experience in the agricultural sector

Is your company prepared for the coronavirus?

Companies should consider the direct and indirect impacts of the pandemic when evaluating whether they are prepared for the coronavirus, says ContinuitySA.

Explaining the distribution of pension funds

Section 37C of the Pension Funds Act puts the ultimate decision-making responsibility in trustees' hands, says Fedgroup.