• Home
  • /
  • Networking
  • /
  • Hackers demand R1.1bn ransom from TransUnion, Experian

Hackers demand R1.1bn ransom from TransUnion, Experian

Admire Moyo
By Admire Moyo, ITWeb's news editor.
Johannesburg, 23 Nov 2023
TransUnion and Experian claim there is no evidence their systems or data have been compromised.
TransUnion and Experian claim there is no evidence their systems or data have been compromised.

Notorious Brazilian hacker group N4ughtySecTU Group is, once again, tormenting credit bureaus TransUnion and Experian, claiming it has breached their IT systems, again.

According to a report by Times Live, the hacker group is demanding a ransom of $60 million (R1.1 billion) from the credit bureaus.

However, the companies have refuted that they have been hacked, saying they have not seen anything untoward in their IT systems.

ITWeb last year broke the news about the TransUnion hack when N4ughtySecTU demanded $15 million (R223 million) ransom over four terabytes of compromised data.

After the hack, the group claimed it had accessed 54 million personal records of South Africans, including the personal details of president Cyril Ramaphosa.

Experian made headlines in August 2020, after it experienced a data breach that exposed the personal information of as many as 24 million South Africans and 793 749 business entities to a fraudster.

In March, the Experian data fraudster Karabo Phungula was sentenced to 15 years in prison by the Specialised Commercial Crimes Court.

In an e-mail seen by ITWeb today, N4ughtySecTU says: “We have harvested all of TransUnion’s and Experian’s data files and systems, as well as its clients’ data files and systems. We are actively inside the IT networks of Transunion and Experian and their clients. We have remained silent since our last demands were not met. We never left.

“We will now leak all data and files over the next 72 hours. The firestorm has commenced.”

During the last incident, the credit bureaus refused to give in to the ransom demands.

In a statement today, TransUnion says: “TransUnion South Africa is aware of a financial demand from a threat actor asserting they have accessed TransUnion South Africa’s data.

“We have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated. We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim. We are continuing to monitor closely.

“We treat matters regarding our information security seriously, and data security remains our top priority.”

An Experian spokesperson says: “We have investigated reports that Experian data in South Africa has been illegally obtained and have found these claims to be baseless.

“There is no evidence that our systems or data have been compromised in any way, nor the systems or data of any of our clients. We take threats of this nature very seriously and will continue to review our systems for security. Protecting our customers and data is our top priority.”