The personal data of nearly 24 million South Africans and 793 749 businesses were handed over to a fraudster last month. Now, reports suggest that some of this information has been leaked online.
“Experian South Africa had tens of millions of personal records breached last month. Only 1.3 million contained e-mail addresses, with others including government-issued IDs, names, addresses and employment info. 66% were already in @haveibeenpwned,” says Have I Been Pwned, record exposure search engine, in a tweet.
Experian says that it is still investigating the “isolated incident in South Africa involving fraudulent data inquiry.”
And the credit bureau notes that it has “identified files which [it] believes contain Experian data relating to the incident on the Internet. We continue to investigate these files and we will take all steps available to us to reduce further dissemination if possible.
“We can confirm that a criminal case was opened last week in South Africa and the matter is now in the hands of law enforcement. Our priority remains on supporting consumers and businesses in South Africa. When we first became aware of the fraudulent incident, we took immediate steps to make sure that individuals and businesses in South Africa could take steps to protect themselves.”
“We reiterate, however, that no sensitive consumer credit or financial information was obtained by the fraudster in this incident.”
If you’re concerned that your information has been compromised:
1. Update your digital banking passwords immediately
2. Keep an eye out for suspicious activity across your accounts
3. Do not share ANY personal banking details or OTPs with anyone via email or telephone