Experian hacked, 24m personal details of South Africans exposed

Admire Moyo
By Admire Moyo
Johannesburg, 19 Aug 2020

Experian, a consumer, business and credit information services agency, has experienced a breach of data which has exposed some personal information of as many as 24 million South Africans and 793 749 business entities to a suspected fraudster.

In a statement, the South African Banking Risk Information Centre (SABRIC) and Southern African Fraud Prevention Service (SAFPS) say Experian has confirmed that the breach has been reported to law enforcement and the appropriate regulatory authorities.

The latest data breach comes two days after insurer Momentum Metropolitan was also hit by a cyber attack.

On Monday the insurer informed stakeholders that a third-party had unlawfully accessed a limited portion of data of a subsidiary of the group.

In the Experian breach, SABRIC and SAFPS say banks have been working with Experian and SABRIC to identify which of their customers may have been exposed to the breach and to protect their personal information, even as the investigation unfolds.

The statement says banks and SABRIC have also been cooperating with Experian in their efforts to secure the data and ensure the perpetrators are brought to book.

According to SABRIC, South African banks take the security of their customer data very seriously and have put in place robust risk mitigation strategies to detect potential fraud on accounts and protect their customers.

It adds that banks will communicate with their customers about how they may be affected by the breach and what is being done to protect them.

“The compromise of personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts. However, criminals can use this information to trick you into disclosing your confidential banking details,” says SABRIC CEO, Nischal Mewalall.

SABRIC and SAFPS urges bank customers and other consumers to follow sound identity management practices to mitigate the risk of impersonation and fraudulent applications in your name.

“Think of your identity information in the same way as you think of cash,” explains Manie van Schalkwyk, SAFPS CEO.

“Keep it safe and secure at all times, because once it is compromised, it can be used by anybody, often to impersonate you.”