Get more Mail & Guardian
Subscribe or Login

What cyberhacking data means for you

Whenever you hand over your private information to an institution, it’s an act of trust.

You are trusting that the information will be used for its intended purposes and that reasonable measures have been taken to protect your privacy. 

But cybersecurity criminals are always on the lookout to cash in on holes in network systems. 

On August 19, the South African Banking Risk Centre announced that there had been a significant data breach at the South African wing of the multinational credit bureau, Experian, resulting in the exposure of the personal information of 24-million South Africans and 793 749 businesses.

Craig Rosewarne, the managing director at the cybersecurity company Wolfpack Information Risk, said some institutions have a public domain such as a website where people can check if they were vulnerable. There was no such system in place at Experian. 

But, said Rosewarne, you could use other sites such as to check whether your privacy has been compromised. It’s a simple matter of going to the site and using your email address. 

Experian said their investigation shows that no consumer credit or financial information was revealed. But, said Manie van Schalkwyk, the chief executive of Southern African Fraud Prevention Services, because hackers have some of the data, they can use it to pose as an institution such as a bank to get further information. 

He advises people to visit a credit bureau and get their credit report, which will show if there were any devious activities. 

He said hacking happens because criminals use your personal information to impersonate you or to open other accounts. 

“[They] steal our data to steal your money,” said Van Schalkwyk. 

Lukas van der Merwe, a specialist sales executive for security at T-Systems South Africa, said the accelerated move to cloud systems makes data breaches an inevitability. 

“This comes at a time when having preventative measures in place is not enough and hasn’t been enough for some years,” he said. 

Preventative measures should be supplemented by systems that can identify when malicious activity in networks is taking place so that they are stopped while it is happening, he added. 

Rosewarne said that people should avoid using the same password for multiple sites, because if one site is compromised, criminals can try using the same credentials on other sites. 

He added that sometimes, instead of creating new login details, some websites allow users to use their Google logins. This will also make it easier for hackers to use your information at other sites.

Rosewarne suggests that you use dual-factor authentication to lessen the chance of getting hacked. When it comes to passwords, he said they should be at least 12 characters long and people should avoid using dictionary words. 

He said that companies sometimes have breaches and hope this will not become public knowledge. 

Rosewarne said that from a government point of view nothing can be done — unless an individual or group sues the company where the information was hacked. 

But the Protection of Personal Information Act will be fully enacted in July next year, which means businesses will have to disclose breaches. 

 Until then, Kendall Keanly, the director of corporate and commercial practice at law firm Cliffe Dekker Hofmeyr, says companies should train their employees to be able to identify possible instances of hacking to adequately protect themselves and their clients. 

Thando Maeko and Tshegofatso Mathe are Adamela Trust business reporters at the Mail & Guardian

Subscribe to the M&G

Thanks for enjoying the Mail & Guardian, we’re proud of our 36 year history, throughout which we have delivered to readers the most important, unbiased stories in South Africa. Good journalism costs, though, and right from our very first edition we’ve relied on reader subscriptions to protect our independence.

Digital subscribers get access to all of our award-winning journalism, including premium features, as well as exclusive events, newsletters, webinars and the cryptic crossword. Click here to find out how to join them and receive a 40% discount on our annual rate..

Thando Maeko
Thando Maeko is an Adamela Trust business reporter at the Mail & Guardian
Tshegofatso Mathe
Tshegofatso Mathe
Tshegofatso Mathe is a financial trainee journalist at the Mail & Guardian.

Related stories


Subscribers only

Wild garlic harvesters back in court

Healers say the plant is part of their heritage, but officials counter that it is a protected species

Oil boom may be the industry’s last hurrah

Biggest players in the game show signs of recovery but a low-carbon future may threaten fossil fuel

More top stories

Drop in child vaccinations a danger

There are fears of a resurgence in preventable childhood diseases in the face of poor immunisation data

Rising temperatures will shrink global GDP by mid-century

New research shows unmitigated warming could knock 18% off of global GDP by 2050

Apologise or face action — NEC instructs Magashule

ANC secretary general Ace Magashule has been ordered by the party’s NEC to publicly apologise for writing an unauthorised letter suspending President Cyril Ramaphosa

Richard Calland: Less cash to splash spells new-look South African...

The new political party funding law brings changes to allocations – and possibly an end to dodgy donors

press releases

Loading latest Press Releases…