Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label South African. Show all posts

Theft of 54 million SA Records, as per TransUnion Linked to the Current Breach

 

Recently one of South Africa's main credit bureaus, TransUnion has been hacked, and the hackers are demanding $15 million in ransom. 

The compromised credit bureau revealed on Friday it had been hacked and had received a ransom demand which "will not be paid." By exploiting an authorised client's credentials, the hackers, dubbed N4aughtysecTU, acquired access to an "isolated server holding restricted data from our South African firm."

N4aughtysecTU told IT Web it had 4 terabytes of client data and had accessed 54 million records, including information from more than 200 businesses. It allegedly threatened to attack TransUnion's corporate clients unless the credit bureau paid it $15 million in Bitcoin (about R223 million). 

The breach affects many South Africans who have entered into credit agreements, regardless of loan size. Users automatically consent to the credit bureaus disclosing about credit and payment history when they sign into agreements with banks or other financial institutions, credit card providers, vehicle lenders, utilities, or other creditors. The fact that your account information and payment history will be submitted to credit reporting agencies is outlined in these agreements.

According to a statement on the TransUnion website: 
  • An isolated server containing limited information from our South African operations was impacted by the attack.
  • The team is working closely with other specialists to figure out what data was impacted. 
  • Consumer information, such as phone numbers, email addresses, and identity information, may be affected. 
People should not give out personal information such as passwords and PINs to strangers over the phone or over email, according to Sabric, and demands for personal information should be confirmed first.

Experian, a credit bureau, had a data breach in 2020, potentially exposing the personal information of 24 million South Africans. Alongside, a ransomware attack hit Debt-IN Consultants, a debt recovery partner to various South African financial sector companies, in 2021. It is estimated that over 1.4 million South Africans' personal information was fraudulently accessed from its systems.

Moreover, banks have also been targeted. Absa revealed a data breach in November 2020, and over a year and a half later, it is still identifying more compromised customers. 

South Africa’s Department of Justice hit by a Ransomware Attack

 

South Africa's Justice Department was attacked earlier this month by a major ransomware attack and has been struggling since then to get back to normal. The attack was carried out on the 6th of September 2021, after ransomware compromised the department's entire information systems. 

It restricted the internal staff and the public from accessing any technological services, including email and websites. The judicial department handled the attack by instantaneously implementing an emergency plan, as per a Bleeping Computer report. The objective was to address such circumstances and to make sure that not every activity in the country was interrupted. 

The Justice and Constitutional Development Department declared that child support payments are now suspended until systems return online. 

The paper mentioned the statement of the Justice and Constitutional Development Speaker, Steve Mahlangu, who said, “[The attack] has led to all information systems being encrypted and unavailable to both internal employees as well as members of the public. As a result, all electronic services provided by the department are affected, including the issuing of letters of authority, bail services, e-mail, and the departmental website”.

Mahlangu noted that although it is not possible to anticipate the exact day when systems will be restored, the department will “ensure all child maintenance money is kept secure for payment to the rightful beneficiaries when the systems are back online.” 

He further stated that some departmental functions remained working despite the attack. For example, just after a change to manual mode for the recording of hearings, court sittings continued. The manual steps for issuing different legal documents were also performed. 

The Department of Justice has likewise changed to a new email system. Some employees have moved to the new email system. The department also couldn't identify the cybercriminals behind the attack. However, as the recovery of the network takes a while, the hackers were not reimbursed for the attack. 

Hackers and ransomware organizations frequently take data before an information system is encrypted. This compels victims to pay an enormous ransom fee for fear of public information leakage. However, till recently "no indication of data compromise" has been identified by departmental added IT experts.