One of South Africa’s largest credit bureaus, TransUnion, has been hacked.
The company said in a statement on Friday that a third party obtained access to one of its servers through “misuse of an authorised client’s credentials”.
“We have received an extortion demand and it will not be paid,” the company said.
“Immediately upon discovery of the incident, TransUnion South Africa suspended the client’s access, engaged cybersecurity and forensic experts, and launched an investigation,” it added.
It said that it took “certain” of its services offline as a precautionary measure, but these services are now back online.
“We believe the incident impacted an isolated server holding limited data from our South African business. We are working with law enforcement and regulators,” the company said.
“We are engaging clients in South Africa about this incident. As our investigation progresses, we will notify and assist individuals whose personal data may have been affected. We will be making identity protection products available to impacted consumers free of charge.”
‘Serious incident’
ITWeb reported that the attackers, known as the Brazilian hacker group N4aughtysecTU, were demanding US$15-million (R224-million) in ransom within seven days and that they had stolen 4TB of data from TransUnion made up of the personal records of 54 million South Africans.
“The security and protection of the information we hold is TransUnion’s top priority,” said CEO Lee Naik in the statement. “We understand that situations like this can be unsettling and TransUnion South Africa remains committed to assisting anyone whose information may have been affected.”
The Information Regulator, meanwhile, told TechCentral on Friday that it has not received a formal notification from TransUnion, as required under section 22 of the Protection of Personal Information Act (Popia).
“We are within our powers to initiate an investigation into this breach. What is claimed — that massive amounts of data subjects’ personal information which may have been accessed by unauthorised persons — makes this a serious incident and the regulator takes these allegations equally seriously. We will investigate this breach as required by Popia, and where we find instances of illegality or lack of proper safeguards for protection of personal information, we will hold everyone involved accountable.”
TransUnion did not respond to questions from TechCentral seeking more information and clarity. — (c) 2022 NewsCentral Media