The information of more than 1.4 million South Africans has been left vulnerable after a data breach in the form of a ransomware attack that occurred at the Department of Justice.
THE INFORMATION of more than 1.4 million South Africans has been left vulnerable after a data breach in the form of a ransomware attack that occurred at the Department of Justice earlier this year.
While the breach in information surfaced last week, according to Debt-IN services, the attack took place in April.
Debt-IN services provides debt recovery solutions to many South African financial services institutions.
The breach was discovered after confidential consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers were posted on hidden internet sites that are only accessible by a specialised web browser.
The company said on Wednesday that the findings of an investigation showed there had been no further breach, and enhanced data protection measures remained securely in place.
“Debt-IN deeply regrets this cyberattack and we apologise unreservedly for the inconvenience and anxiety this data breach has caused our clients and their customers,” said CEO Mark Essey.
“In this age of highly sophisticated information security threats and an estimated 17 billion cyberattacks around the world every day, Debt-IN is committed to doing all it can to protect clients’ information. We reiterate that we view this attack as the act of malicious cybercriminals. From the time this data breach was detected, our guiding principle has been to put our clients first, and we will continue to do so,” he added.
The director-general of the Justice Department, advocate Doctor Mashabane, said this week that the attack affected all of their information and communication technology (ICT) systems, both from a system administration and end-user perspective.
Mashabane said the full extent of the breach had not been determined as investigations into the hack were continuing.
The hack affected the department’s child maintenance MojaPay system. Court proceedings were also affected by the breach in ICT infrastructure. The director-general said that manual systems have been put in place to ensure continuity of court proceedings.
“Since the breach, the department’s IT team, together with selected industry parties and organs of state, has been working expeditiously to contain the spread of the malware and bringing up services in a safe and secure manner.
“Priority has been given to services that are affecting the public directly, particularly as it pertains to beneficiary payments, and ensuring that court proceedings continue as planned,” Mashabane said.
“In the past week the electronic recording of court proceedings had been restored since September 16, 2021 and as such most courts are operating as normal,” he added.
Mashabane said the breach was regarded as a crime and that the matter had been reported to the relevant authorities on September 10, including the CEO of the Information Regulator, Mosalanyane Mosala.
The executive director of the Southern African Fraud Prevention Service (SAFPS), Manie van Schalkwyk, said the breach was a cause for concern, as the information of more than a million people was in the hands of cybercriminals.
“In a country where identity fraud is common practice, this is extremely concerning. It is critical that consumers act now before significant fraud is unknowingly committed on their behalf.
“As a society, it is important that we move towards creating a world where the fight against fraud becomes protective and proactive. We need to protect consumers and this needs to be done in a proactive manner,” said Van Schalkwyk.
Head of online security company Secure Citizen, Dalene Deale, said the attack was a classic example of incidents in the current environment. She said that as the information and digital age becomes more prevalent, cyberattacks are increasing.
“Fraudsters do not discriminate. Fraud is a fraudster’s business and they often use the same business tactics we use in legitimate business, the difference being that they don’t have customers, they have victims.
“Thanks to an increase in data breaches, fraudsters are motivated and armed with the correct information, meaning that they are very capable of impersonating an individual,” said Deale.