Between 2015 and 2018, over 84 000 consumer profiles were compromised as part of a massive ID fraud syndicate. This came to light when 15 men appeared in the Nigel Regional Court on 6 May on charges of fraud, theft, forgery and contravention of the Identification Act.
What is concerning is that the compromised personal information possibly came from credit records obtained from a credit bureau. Furthermore, the affected consumers have not received any notification of the breach.
SAPS spokesperson Colonel Lungelo Dlamini said that they are aware of the sources of the data but could not provide this information as it was part of the evidence that would be provided in the court case.
The National Credit Regulator (NCR) is now conducting its own investigation into the credit bureaus for any role that they may have played in enabling the ID fraud syndicate to access the consumer data. A spokesperson for the NCR said, “once we complete the investigation we will consider redress that must be given to consumers.”
City Press contacted two credit bureaus, and both denied being part of the investigation. In response to a written query, Compuscan compliance and risk officer Annelene Dippenaar confirmed that “Compuscan was not involved in the below matter. We have been requested to refer all queries regarding this to the NCR.”
In its written response, credit bureau TransUnion told City Press that “the credit bureaus are aware of the alleged fraud incidents where it appears that consumer credit reports were accessed to gain information that was used in the perpetration of the alleged fraud. The National Credit Regulator and the South African Police are currently investigating the use of these consumer credit reports to understand how these were obtained and used in the alleged fraud. Accordingly, until such time as the investigation has been completed the National Credit Regulator has asked all bureaus not to comment on the matter individually, but to refer all queries to them. We can confirm, however, that TransUnion is not being investigated by the South African Police in connection with this event”.
Manie van Schalkwyk, head of the South African Fraud Prevention Services (SAFPS) confirmed that they were aware of the operation. They informed all credit providers and banks of the 84 000 compromised consumer profiles, however van Schalkwyk said it was not possible to inform such a large number of consumers directly. SAFPS offers a service where a compromised consumer can register for an alert whenever anyone tries to open an account in their name, however SAPFS cannot do this without the consumer’s permission.
While this particular ID fraud syndicate has been caught, in a media statement, SAPS stated that “syndicate operatives have been identified as widespread across other provinces.”
How ID fraud syndicates operate
It is possible that City Press reader Buti is one of the many victims of the ID fraud syndicate. Buti first discovered that he was a victim of ID theft in December when he noticed a debit order going off his account for a Telkom mobile phone contract. “I contacted the bank and reversed the debit order. I then checked my bank statement and realized that it had been going off since July,” says Buti who was able to reverse the most recent debit orders, but he is still out of pocket by R3 500.
He discovered that someone had used his personal details to take out three pre-paid and three contract cellphones. “I could not understand how they did this as I have never lost my ID documents,” Buti said.
According to the court documents, the syndicate operated a printing shop where falsified information was received and then used to forge documents.
They would obtain the personal profiles of individuals with good credit records and use this information to create forged documents. This included falsified identification books or ID cards, bank statements, payslips and proof of residence to open accounts or even steal funds from people’s bank accounts.
They would match the profile of the compromised consumer, such as age, race and gender, to a runner or “striker” who would then use these documents to take out vehicle finance, personal loans, cellphone contracts, store credit accounts and even make cash withdrawals from bank accounts by changing PINs.
According to the court papers “they had sufficient information to open accounts, obtain loans and purchase items on credit, or to change personal details such as pin codes at any bank.”
How to protect yourself
Buti could have picked up the fraud earlier if he had checked his bank statements or even his credit profile. As consumers we need to remain vigilant when it comes to our financial security.
Sign up for your bank’s notification system: Make sure you are notified of any transactions that go through your account.
Check your bank statements: If you have any unauthorised debit orders, notify your bank immediately. ID theft is different from the R99 debit order scam in that ID theft usually relates to a credit agreement with a legitimate provider. Contact the service provider immediately. Once Buti informed Telkom, they blocked the phones and stopped the contract immediately.
Check your credit record: Your credit record would reflect any accounts opened in your name. You can obtain a free credit record from each of the six credit bureaus. This means you could check your credit record with a bureau every second month for free.
There is also an option to sign up for their alert system which notifies you when an account is being opened in your name. This does have a monthly fee.
Register with the South African Fraud Prevention Services: Buti was advised to register his ID with the South African Fraud Prevention Service which then places an alert on any accounts opened in his name. This alert informs the credit provider that the application could be fraudulent, so keep in mind that it will also make the opening of a legitimate account more cumbersome. But if you believe your personal information has been compromised, then it’s worth signing up for this free service. You can contact the SAFPS help line on 0860 101 248 to register your ID number on their alert list
Change passwords: If you suspect that your information has been breached, immediately change all your user names and passwords on sensitive accounts and websites.
If you have any information about the fraud syndicate you can contact Sergeant Laurence of the Provincial Investigation Unit on 079 818 3183, or Crime Stop at 08600 10111. The case will resume in July at the Palm Ridge Regional Court.
This article first appeared in City Press.