According to SABRIC, information on the personal banking transactions of 24 million South Africans and 793.749 businesses was exposed after the data breach. However, as the company initially claimed, none took place hack and SABRIC reports are inaccurate.
The CEO of Experian South Africa, Ferdie Pieterse said that infringement data revealed the personal data of 23,4 million South Africans and 607.000 businesses.
According to him, the violation was the result of a malicious agent from South Africa, who claimed to represent a legitimate client and requested services from the company.
The perpetrator used techniques social engineering and managed to convince Experian to provide him with the records of 23,4 million people.
According to Pieterse, the crook already had the names, surnames and ID numbers of the individuals and Experian only provided contact information such as phone numbers and addresses.
Its CEO J2 Software, John Mc Loughlin stated that this is a serious data breach. He stressed that it has taken place since May and data have been exposed for months.
These data were discovered earlier this month at Dark Web. They include cell phone numbers, home addresses, work phone numbers, employment information and ID numbers. According to information, the available company data also includes the names of the companies, as well as contact details, VAT numbers and bank details.
However, an anonymous source told MyBroadband The data leaked by Experian is now available all over the internet and can be obtained in a simple process.
Η Orange Cyberdefense presented the data now available online:
- 25.055.050 total data contained in multiple CSV files.
- 21.263.393 unique data
- 2.736.752 entries are listed two or more times.
- 1.263.435 unique email addresses contained in leaked data.
To date, affected customers have not been clearly informed of what data they have leaked online.