Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label South Africa data breach. Show all posts

Hackers Threaten to Leak South Africa’s Private Financial Data, Demand R1.1 Billion Ransom


In a recent cyber threat, hackers have threatened to release all of South Africa’s private financial data unless TransUnion and Experian, the two biggest consumer credit reporting companies in the country, agree to pay ransom of R1.1 billion.  

The companies – TransUnion and Experian – were the ones that were hit by the cybercrime attack. 

According to Times Live, the hackers, the Brazil-based N4ughtySecTU Group, who had previously breached TransUnion's security and firewalls, claimed to have successfully evaded the safeguards of the company once again, following which they stole the data.  

Apparently, the hackers have demanded $30m [about R565m] from TransUnion and $30m from Experian.

The hackers, in a message sent to the managers and directors of the impacted companies, stated: “Ensure your response teams contact us on Session [a private communication platform] for payment instructions.”

While acknowledging the demands, TransUnion and Experian refuted the group's allegations of an ongoing hack on their systems.

“Following recent media coverage, TransUnion South Africa confirms it is aware of a financial demand from a threat actor asserting they have accessed TransUnion South Africa’s data. We have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated,” TransUnion said.

“We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim. We are continuing to monitor closely. We treat matters regarding our information security seriously, and data security remains our top priority,” they continued. 

Not the First Attempt to Hack

Previously, in March 2022, N4ughtysecTU claimed responsibility for targeting TransUnion in their ransomware campaign. 

TransUnion South Africa later confirmed the hack, confirming that at least 3 million individuals were affected.  

Apparently, the threat actors gained access to the personal data of over 54 million people, which included information about their dates of birth, ID numbers, gender, marital status, and other sensitive facts. 

Experian also suffered a data breach in August 2020, reported by the South African Banking Risk Centre (SABRIC). The data breach compromised the personal information of around 24 million individuals and several business entities to a fraudster. 

Karabo Phungula, an Experian data fraudster, was given a 15-year prison sentence in March by the Specialized Commercial Crimes Court for obtaining the dataset under false pretence.   

Data Breach Threat: Hackers Target TransUnion and Experian, Demand R1.1 Billion Ransom

 

 In a recent development, two of South Africa's largest credit bureaus, TransUnion and Experian, have been targeted by hackers known as N4ughtySecTU, who claim to have gained access to sensitive financial and personal data of South African citizens.

TransUnion has confirmed the hackers' demand for a R1.1 billion ransom and their ultimatum of releasing the confidential information within 72 hours. However, TransUnion maintains that they have found no evidence of a security breach and that their systems remain intact.

This is not the first time TransUnion has been subjected to cyberattacks. Last year, the hackers demanded a R223 million ransom.

In August 2020, Experian experienced a significant data breach, exposing the personal information of over 20 million South Africans and 793,749 businesses to a fraudster named Karabo Phungula, who was later sentenced to 15 years in prison.

Despite the allegations, Experian has also denied any data compromise, stating that their systems remain secure and that they take such threats very seriously. "Protecting our customers and data is our top priority," Experian asserted.

As the situation unfolds, both TransUnion and Experian continue to monitor the situation closely and maintain that their priority remains safeguarding their customers' data and ensuring the integrity of their systems.