[imagesource:needpix]

Two of South Africa’s biggest consumer credit reporting agencies, TransUnion and Experian, are apparently being targeted by a Brazilian hacker group called N4ughtySecTU.

The hackers have confirmed to a TimesLIVE journalist that they managed to bypass all of the two agencies’ firewalls and extract personal data. They are threatening to release the information unless a $60 million (R1.1 billion) ransom is paid – $30 million (R565 million) from TransUnion, and $30 million from Experian.

N4ughtySecTU contacted a TimesLIVE journalist via WhatsApp to brag about the hack.

“The N4aughtySec group is currently inside your and your clients’ infrastructure and will expose all data and system files in the next 24 hours should our ransom demands not be met in 24 hours,” the communication read.

The message to the senior management of both companies also stated: “We demand $30m R565m] from TransUnion and $30m from Experian. Ensure your response teams contact us on Session [a private communication platform] for payment instructions,”

“No further extensions will be granted … You were mistaken by not paying us the first time we harvested all your data and clients’ data. We have direct access to all your data and your clients’ data. We have direct access to all your and your clients’ infrastructure.”

TransUnion has suffered an attack from the group before and confirmed that the group was trying to extort money again, although it denied that it was able to get at the data.

“TransUnion South Africa is aware of a financial demand from a threat actor asserting they have accessed TransUnion South Africa’s data. While we are continuing to monitor closely, we have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated. We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim.”

Experia echoed these words, saying that they also could find no evidence of data being accessed. The hacker on the other hand has also not produced any evidence of the breach.

TransUnion and Experian collect credit information for lenders such as insurance, banks, and auto finance companies, so a hack like this could be disastrous. The previous hack, which apparently included Cyril Rhamaphosa’s home address, identity and cellphone numbers, led to the information regulator ordering that TransUnion post the details of the information hackers stole in newspapers and television.

That hack had a $15m (R218 million) ransom. N4aughtySec claimed to have taken 28 million credit records, and 54 million identity numbers.

Business Day reported at the time that the stolen data could include a person’s name, ID number, gender, contact details, marital status, the identity of their employer and duration of employment, vehicle finance contract numbers and vehicle identity numbers, a spouse’s information, passport numbers, and credit and/or insurance scores.

[source:timeslive]