Private information of about 31.6m South Africans breached and still online

Cyber+Fraud
Cyber+Fraud
The private records of about 31.6 million South Africans are still online and available for download after possibly the largest data breach yet in the country.

Troy Hunt‚ Australian web security expert‚ first tweeted about the breach on Tuesday.

>https://twitter.com/troyhunt/status/920177683576717313

Hunt said it was not the largest data breach he had ever seen‚ but it was concerning because it listed “almost every living person” in South Africa.

“Every person that I have checked that sent me their ID number‚ I have found a record for. That is very concerning.”

The breach contains‚ among other things‚ ID numbers‚ ages‚ locations‚ marital status‚ occupation‚ estimated income‚ physical addresses and cellphone numbers.

Troy was shocked after he received a link from someone‚ asking him to confirm whether it was the same file.

“It’s crazy‚” he said.

Troy has been trying to contact whoever uploaded the data to try and have it removed.

Hunt received the information earlier this year‚ but he only got around to checking it earlier this week. He often receives information from various sources as he is the creator of HaveIBeenPwnd.com (https://haveibeenpwned.com/)‚ a website where you can check if your information has been compromised in any data breaches against about 4.8 billion records.

“There’s a lot of people that support the project and when they see data has been hacked out of a company or leaked somewhere. They send it to me so that I can load it in there and notify people that are in there. Fortunately these are people that often have a very ethical intent.”

Professor Basie von Solms‚ director of the Centre for Cyber Security at the University of Johannesburg‚ said cyber criminals can use the information in this breach to obtain credit.

“With enough personal information‚ one can do damage to a person by illegally opening credit accounts or make bookings. It is an extremely big risk. The great risk is to the individual whose data has been breached.” - Additional reporting by Ernest Mabuza

-TimesLIVE

Source: TMG Digital.

subscribe

Would you like to comment on this article?
Register (it's quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.