Hackers claim data stolen from 2 of SA's biggest credit bureaus, demand millions
Bruce Whitfield gets comment from Gilchrist Mushwana, Director of Cybersecurity at BDO Advisory Services.
Image: Pete Linforth on Pixabay
Hackers claim to have breached the security of two of South Africa’s biggest credit bureaus, TransUnion and Experian.
This alleged data hack could potentially expose the financial and personal data of millions of clients.
Neither company could confirm the details of the claim.
TimesLIVE reports that the Brazil-based N4ughtySecTU Group, which has hacked TransUnion before, told the publication it had again bypassed the organisation’s firewalls and security and managed to get away with the data.
In their communication to TimesLIVE, the hackers shared journalist Sabelo Skiti’s name and identity number through his personal WhatsApp… ‘The N4aughtySec Group is currently inside your and your clients’ infrastructure and will expose all data and system files in the next 24 hours should our ransom demands not be met in 24 hours,’ the hackers told both organisations in their closed message.
TimesLIVE
The article quotes the group as demanding $30 million (around R565 million) from TransUnion and $30 million from Experian.
Instructions were given in the message sent to senior managers and directors at both organisations.
TransUnion South Africa says in a statement that it’s aware of a financial demand from a ‘threat actor’ asserting they’d accessed its data.
While we are continuing to monitor closely, we have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated. We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim.
TransUnion South Africa
Experian was more direct – a spokesperson said they’d investigated reports that Experian data in South Africa had been illegally obtained, and found these claims to be ‘baseless’.
There is no evidence that our systems or data have been compromised in any way nor the systems or data of any of our clients. We take threats of this nature very seriously and will continue to review our systems for security.
Experian
Bruce Whitfield gets some clarity about how this all works from Gilchrist Mushwana, Director of Cybersecurity at BDO Advisory Services.
Could it be that a data breach had actually occurred, it’s just that no-one picked it up yet?
Not every cyberattack is about, or involves a data breach Mushwana says.
A data breach is basically when an intruder copies and leaks user information such as your name, email address and password… Some of the attacks can be just about disrupting a technology or a system, or causing panic for an organisation or targeting them in order to harm their reputation.
Gilchrist Mushwana, Director: Cybersecurity – BDO Advisory Services
The tendency of hackers to claim they have stolen information is nothing new, Mushwana points out.
He says it’s a tactic used precisely to create a sense of urgency or panic.
These two organisations are very high-profile. They deal with very serious business in terms of collecting and maintaining credit information of millions of consumers and businesses… They also play a very strategic role within financial services in terms of providing information that is related to credit.
Gilchrist Mushwana, Director: Cybersecurity – BDO Advisory Services
Based on their size and also their profile, they should have some sort of a verification to be able to verify whether a data breach has taken place… And that happens through internal processes where investigations are done together with people assigned to do that within the organisation, supported by their partners like specialists such as ourselves at BDO.
Gilchrist Mushwana, Director: Cybersecurity – BDO Advisory Services
Scroll up and listen to the interview audio for more detailed information