[imagesource:here]
In August, consumer, business, and credit information services agency Experian was duped into releasing the personal data of millions of South Africans.
At the time, the company was quick to claim that they had identified the perpetrator, and recovered and secured the data before it could be used for nefarious purposes.
Great, although that isn’t exactly true, because that personal data has now been discovered on the web, after being dumped on the Swiss-registered data transfer website WeSendit.
The Sunday Times reports that the dump leaves as many as 24 million people and nearly 800 000 businesses potentially exposed to online fraudsters:
Consumer protection lawyer Trudie Broekmann said people should be afraid.
“Credit bureaus list your income, assets, career history including reasons for termination, every account you have opened or loan taken, monthly instalments, payment history, every default judgment against you, your family relationships, and addresses and contact details.”
When in the wrong hands, those details can be used to cause havoc. Below from digital forensic investigator Craig Pedersen:
[He] said the stolen data is valuable not only because it contains phone and identity numbers, but because of the banking details.
“Identity numbers usually sell for 15c per user. Add banking numbers, and people on the black market will pay up to $1.50 [R25] per record. These records are potentially worth millions of rands.
“The impact will be immense because data is never just bought once on the black market. It’s sold multiple times.”
“In the terms of value, this is probably SA’s biggest leak. It’s valuable because of what you can do with it, like obtain loans and open online retail accounts.”
You can read that full report here.
At this point, the big question is what steps you should take in order to ensure that the data breach, which some estimates say affects about 90% of South Africa’s working population, doesn’t end up causing you personal harm.
Earlier this week, CapeTalk’s Refilwe Moloto spoke with Manie van Schalkwyk, from SA Fraud Prevention Services (SAFPS).
Here are some quotes from that interview:
“These fraudsters are stealing data with one thing in mind: to steal our money! They open accounts in our name, or they take accounts over…
Experian… not all information was stolen… Fraudsters give you enough information to give you confidence that it’s really the bank speaking… Through a process… and fear tactics… The moment you compromise enough information – that’s when they take over your account, in minutes!
If you get a call like that, just put the phone down! Don’t argue, don’t get involved in the conversation. They’re trained and know how to deal with consumers. They know how to get the data out – just put the phone down!”
Van Schalkwyk says that you can immediately apply for a free Protective Registration listing with SAFPS, which only takes a matter of minutes.
You can also find a handy guide on how to protect yourself here.
Let’s finish with the full CapeTalk interview:
[sources:sundaytimes&capetalk]
Hey Guys - thought I’d just give a quick reach-around and say a big thank you to our rea...
[imagesource:CapeRacing] For a unique breakfast experience combining the thrill of hors...
[imagesource:howler] If you're still stumped about what to do to ring in the new year -...
[imagesource:maxandeli/facebook] It's not just in corporate that staff parties get a li...
[imagesource:here] Imagine being born with the weight of your parents’ version of per...