Personal data leaked online
FERVENT efforts to uncover who was responsible for the leaking of sensitive information belonging to millions of South Africans appeared to have stonewalled yesterday.
The company initially implicated in the leak was yesterday quick to distance itself. This week Australian web security expert Troy Hunt revealed on Twitter that the personal information of more than 30 million South Africans, including their ID numbers, had apparently been leaked online.
He took to Twitter saying he had “a very large breach titled ‘master deeds’”. The title of the data led him and other commentators to speculate that the leak could potentially be from the Deeds Office.
Home Affairs spokesperson Thabo Mokgola said the department was aware of the leak and would release a statement “soon”.
A local expert said he had initially narrowed the cyber attack to “either a credit bureau or a data aggregation company”.
His first possible “victim” was TransUnion, “one of the largest credit bureaux in South Africa”. “Looking into whether it was TransUnion that was breached led me to (name withheld) which counts among its clients, TransUnion.
“I first checked their platform as it is advertised as ‘the goldmine of information that offers easy access to the contact details of South African consumers and homeowners.’”