What cyberhacking data means for you

Whenever you hand over your private information to an institution, it’s an act of trust.

You are trusting that the information will be used for its intended purposes and that reasonable measures have been taken to protect your privacy. 

But cybersecurity criminals are always on the lookout to cash in on holes in network systems. 

On August 19, the South African Banking Risk Centre announced that there had been a significant data breach at the South African wing of the multinational credit bureau, Experian, resulting in the exposure of the personal information of 24-million South Africans and 793 749 businesses.

Craig Rosewarne, the managing director at the cybersecurity company Wolfpack Information Risk, said some institutions have a public domain such as a website where people can check if they were vulnerable. There was no such system in place at Experian. 

But, said Rosewarne, you could use other sites such as haveibeenpwnd.com to check whether your privacy has been compromised. It’s a simple matter of going to the site and using your email address. 

Experian said their investigation shows that no consumer credit or financial information was revealed. But, said Manie van Schalkwyk, the chief executive of Southern African Fraud Prevention Services, because hackers have some of the data, they can use it to pose as an institution such as a bank to get further information. 

He advises people to visit a credit bureau and get their credit report, which will show if there were any devious activities. 

He said hacking happens because criminals use your personal information to impersonate you or to open other accounts. 

“[They] steal our data to steal your money,” said Van Schalkwyk. 

Lukas van der Merwe, a specialist sales executive for security at T-Systems South Africa, said the accelerated move to cloud systems makes data breaches an inevitability. 

“This comes at a time when having preventative measures in place is not enough and hasn’t been enough for some years,” he said. 

Preventative measures should be supplemented by systems that can identify when malicious activity in networks is taking place so that they are stopped while it is happening, he added. 

Rosewarne said that people should avoid using the same password for multiple sites, because if one site is compromised, criminals can try using the same credentials on other sites. 

He added that sometimes, instead of creating new login details, some websites allow users to use their Google logins. This will also make it easier for hackers to use your information at other sites.

Rosewarne suggests that you use dual-factor authentication to lessen the chance of getting hacked. When it comes to passwords, he said they should be at least 12 characters long and people should avoid using dictionary words. 

He said that companies sometimes have breaches and hope this will not become public knowledge. 

Rosewarne said that from a government point of view nothing can be done — unless an individual or group sues the company where the information was hacked. 

But the Protection of Personal Information Act will be fully enacted in July next year, which means businesses will have to disclose breaches. 

 Until then, Kendall Keanly, the director of corporate and commercial practice at law firm Cliffe Dekker Hofmeyr, says companies should train their employees to be able to identify possible instances of hacking to adequately protect themselves and their clients. 

Thando Maeko and Tshegofatso Mathe are Adamela Trust business reporters at the Mail & Guardian

Subscribe to the M&G

These are unprecedented times, and the role of media to tell and record the story of South Africa as it develops is more important than ever.

The Mail & Guardian is a proud news publisher with roots stretching back 35 years, and we’ve survived right from day one thanks to the support of readers who value fiercely independent journalism that is beholden to no-one. To help us continue for another 35 future years with the same proud values, please consider taking out a subscription.

Thando Maeko
Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian
Tshegofatso Mathe
Tshegofatso Mathe
Tshegofatso Mathe is a financial trainee journalist at the Mail & Guardian.

Related stories


Subscribers only

Ithala fails to act against board chairperson over PPE scandal

Morar asked to settle with the state and pay back the profit he made on an irregular tender

Vodacom swindled out of more than R24m worth of iPhones

A former employee allegedly ran an intricate scam to steal 8700 phones from the cellular giant

More top stories

‘Extreme’ tactics and lockdown buy rhino more time

The Rockwood Conservation reserve boasts zero poaching incidents in six years and its breeding project is successful, but costly

What is EFF’s party funding quest?

Its court application to force disclosure of donations to Cyril Ramaphosa may mask a bid to portray him as a capitalist puppet

North West premier in phone tapping claims

‘Agents’ working for Job Mokgoro allegedly tapped ANC and cabinet members’ phones

Judicial committee orders Mogoeng to apologise for SA-Israel remarks

The JCC said that by the chief justice straying into politics, he breached the judicial conduct code and ordered him to issue an apology and retraction

press releases

Loading latest Press Releases…