Credit reporting company Experian has suffered a data breach affecting all of its offices in South Africa, which would have exposed confidential information that was handed over to a scammer. Cybersecurity specialists report that the suspect had already been identified and the exposed data has already been deleted.
The agency notified the relevant authorities and regulatory bodies of the data breach, emphasizing that users’ financial information was not compromised at any time. Experian is the world’s largest credit firm, operating reports based on loan habits used by banks, auto agencies, retail stores, among other companies.
Although the incident was detected on time, the South Africa Bank Risk Information Centre (SABRIC) says that data from nearly 24 million people were compromised, in addition to information from nearly 800,000 companies operating in South Africa.
“These kinds of incidents affect citizens’ personal information and may represent the ideal opportunity for cybercriminal groups to carry out phishing attacks, identity fraud, among other crimes,” says Nischal Mewalall, banking security specialists and director of SABRIC.
The authority asks citizens who believe that their information has been compromised to file a claim for free South African Fraud Prevention Services (SAFPS). Thanks to these services, banks and credit companies detect potential identity fraud, implementing better mechanisms for the prevention of these crimes.
In addition, SAFPS reminds individual users and companies that the risk of fraud is still active, so consider the following recommendations:
- Do not share confidential information (usernames, passwords, bank numbers) with anyone and by any means. Companies do not request this information by phone or email
- Apply email filters to reduce the risk of receiving a fraudulent message
- Reset your passwords regularly; changing them every six months is recommended
For more details on the progress of this investigation you can contact the SAFPS offices directly.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.