UPDATE | TransUnion believes breach of 54 million SA records unrelated to current hack

accreditation
0:00
play article
Subscribers can listen to this article
TransUnion announced on Friday that it had been hacked and received a demand for ransom that it said “will not be paid". Picture: Getty
TransUnion announced on Friday that it had been hacked and received a demand for ransom that it said “will not be paid". Picture: Getty
  • TransUnion believes claims by its alleged hackers that 54 million South African records were compromised are actually from an old incident that doesn't involve the company
  • TransUnion announced on Friday that it had been hacked and received a ransom demand that it said "will not be paid".
  • South African banks are working with TransUnion to protect their clients' bank accounts and personal data in the wake of the attack


TransUnion believes claims by its alleged hackers that 54 million South African records were compromised are actually from an old incident that has nothing to do with the current cyber attack on the credit bureau.

"We believe that the 54 million records relate to a 2017 data incident unrelated to TransUnion," it told Fin24 on Saturday. 

TransUnion announced on Friday that it had been hacked and received a ransom demand that it said "will not be paid". The hackers, apparently named N4aughtysecTU, gained access to an "isolated server holding limited data from our South African business" by misusing an authorised client's credentials.

N4aughtysecTU had told IT Web it had 4 terabytes of client information and had accessed some 54 million records, including data from over 200 corporates. It reportedly threatened to attack TransUnion's corporate clients if the credit bureau didn’t pay it $15 million (about R223 million) in Bitcoin.

TransUnion said on Saturday that its team is "working closely with external experts to gain a comprehensive understanding of what data was affected." 

Meanwhile, South African banks are working with TransUnion to protect their clients' bank accounts and personal data in the wake of the attack, according to the SA Banking Risk Information Centre (Sabric). 

"Sabric has already engaged TransUnion South Africa with the aim to coordinate the banking industry’s efforts to secure bank customers’ profiles against abuse," CEO Nischal Mewalall said in a statement on Saturday

He said SA banks have put in "place robust risk mitigation strategies to detect potential fraud on accounts and protect customer personal information".

Mewelall said that having access to people’s personal information did not guarantee the hackers access to customers’ banking profiles or accounts, but warned that "criminals can use this information to impersonate people or trick them into disclosing their confidential banking details."

Sabric said people should not disclose personal information such as passwords and PINs when asked to do so by anyone via phone or email, and that requests for personal information should be verified first.

In 2020, another credit bureau, Experian, suffered a data breach, which potentially exposed the information of 24 million South Africans. In 2021, Debt-IN Consultants, a debt recovery partner to many South African financial services institutions, got a ransomware attack. It is estimated that the personal information of more than 1.4 million South Africans was illegally accessed from its servers.

Banks have not been spared either. Absa announced a data leak in November 2020, and it has been identifying more impacted customers this year, almost a year-and-a-half after the incident. Standard Bank also identified a data breach on its LookSee platform in November last year

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
16.63
-0.6%
Rand - Pound
19.89
-0.6%
Rand - Euro
17.06
-0.5%
Rand - Aus dollar
11.31
-0.7%
Rand - Yen
0.12
-0.8%
Gold
1,766.15
+0.1%
Silver
19.25
+0.2%
Palladium
1,956.50
+0.9%
Platinum
862.00
-0.8%
Brent Crude
102.77
-10.4%
Top 40
59,607
+1.1%
All Share
65,702
+1.1%
Resource 10
60,490
+1.8%
Industrial 25
81,207
+1.1%
Financial 15
14,413
+0.4%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot