Hackers demand 60m from TransUnion and Experian claiming data theft
pBiggerthanexpected weekly withdrawal from US crude storage and hopeful demand expectations after Fed signals rate cuts in 2024 provides supportppBanks can avoid disintermediation and leverage blockchain technology to retain their role in societyppThe committee accused public enterprises minister Pravin Gordhan of noncooperation with its inquiry into the integrity of the transaction with the Takatso consortium to buy a stake in SAAppMPs criticised the ministers failure to provide crucial documents related to the governments transaction with Takatso to purchase 51 of SAAppWelllocated smaller industrial units attract tenants and buyersppA wealth tax to partially finance a BIG programme seems justified especially since the allocation of assets continues to shape wealth inequality the report readsppCoal miners band together to help solve a crucial Transnet headacheppThe deal calls for transitioning away from fossil fuels in energy systems in a just orderly and equitable manner to achieve net zero by 2050ppCrystal Palaces grumpy Roy Hodgson has a righteous go at the ref while Joey Barton rides the crest of a wave of misogynistic bileppStill out of reach of the masses but the Chinese electric car has charm and a decent rangeppTwo of the countrys largest consumer credit reporting agencies TransUnion and Experian may have been hit by a fresh data hack potentially exposing the financial and personal data of South Africans to risk ppThe hackers the Brazilbased N4ughtySecTU Group which has hacked TransUnion before had again bypassed the organisations firewalls and security and managed to get away with the data ppIn their communication to TimesLIVE the hackers shared journalist Sabelo Skitis name and identity number through his personal WhatsApp account ppThe N4aughtySec Group is currently inside your and your clients infrastructure and will expose all data and system files in the next 24 hours should our ransom demands not be met in 24 hours the hackers told both organisations in their closed messageppWe demand 30m about R565m from TransUnion and 30m from Experian Ensure your response teams contact us on Session a private communication platform for payment instructions they said in the message sent to senior managers and directors at both organisationsppNo further extensions will be granted You were mistaken by not paying us the first time we harvested all your data and clients data We have direct access to all your data and your clients data We have direct access to all your and your clients infrastructure they added ppTransUnion through its PR company confirmed the demandppTransUnion SA is aware of a financial demand from a threat actor asserting they have accessed TransUnion SAs data While we are continuing to monitor closely we have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated Weve likewise seen no change to our operations and systems in SA related in any way to this claimpp We treat matters regarding our information security seriously and data security remains our top priority they said ppThe hackers have yet to provide evidence of a new hack or that new data has been takenppAn Experian spokesperson said We have investigated reports that Experian data in SA has been illegally obtained and have found these claims to be baseless There is no evidence that our systems or data have been compromised in any way nor the systems or data of any of our clients We take threats of this nature seriously and will continue to review our systems for security Protecting our customers and data is our top priorityppTransUnion and Experian collect credit information to provide to lenders such as insurers banks and vehicle finance housesppIf true claims of the attack would raise questions about whether the institutions are serious about curbing cyber intrusions having suffered similar attacks before said Karim Jaber CEO at militarygrade cyber security firm ScarybyteppIf this is the second attack of its kind within a year irrespective of whether its by the same group or new perpetrators it poses a significant threat to SA We must not forget that this concerns the data of SA citizens The regulatory bodies must ensure that when companies claim to have implemented security upgrades or new measures they are effective and not just nominal This incident should serve as a serious warning about the handling of such sensitive data Jaber addedppIn March 2022 the information regulator ordered that TransUnion publicise the details of the information hackers stole in newspapers and television advertisements in all of SAs official languages The regulator further said it was dissatisfied with the bureaus response to the hack Business Day reportedppIn the last hack the N4aughtySec hackers said they would leak consumers sensitive credit information and data if they were not paid a 15m R218m ransom They claimed to have accessed and taken 28million credit records and 54million identity numbers ppTransUnion said it believed the 54million number related to a 2017 hacking of an SA government website They said at least 3 million consumers were affected by the hack and that they had started messaging and emailing those affectedppAt the time the Sunday Times reported that among those affected was President Cyril Ramaphosa as his home address identity and cellphone numbers were accessed illegally The Sunday Times was also supplied with screenshots by a different group of hackers called SpiderLog who had been running unauthorised vulnerability scans on government servers These showed that government departments and stateowned companies are not safe and are wide open to intrusionppGovernment departments and entities that have previously been hit include the department of justice from which millions of rand were stolen and Transnet which was forced to declare a force majeure for its port operations as a resultppAfter the regulator criticised the lack of information TransUnion disclosed that the stolen data could include a persons name ID number gender contact details marital status the identity of their employer and duration of employment vehicle finance contract numbers and vehicle identity numbers In isolated circumstances a spouses information passport numbers and credit andor insurance scores may have been stolen Business Day reported ppThe newspaper said the extent of the breach meant banks and insurers were also at risk as criminals could use the leaked data to scam banks over the phone and pass security checks that aim to verify a customers identity This means banks and insurers would have to modify their systemsppPersonal information can also be used by scammers to call and trick consumers into handing over their banking PINs and other sensitive information if they believe the caller is from the bank It can also be used in identity theft allowing criminals to open credit accounts in consumers namesppTimesLIVEppWould you like to comment on this article Sign up its quick and free or sign in nowppPlease read our Comment Policy before commentingpp Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January pp Published by Arena Holdings and distributed with the Financial Mail on the last Thursday of every month except December and January pp 2023 Arena Holdings All rights reservedppUse of this site constitutes acceptance of our Terms Conditions and Privacy Policyp