With multiple breaches of personal information, consumers should assume they are compromised.
Once again individuals’ personal data has been compromised, this time through a breach at credit bureau TransUnion South Africa. This follows a compromise of credit bureau Experian last year.
TransUnion has confirmed that a hacker is holding the information to ransom stating that “we have received an extortion demand and it will not be paid”. The affected data may include personal information, such as telephone numbers, email addresses, identity numbers, physical addresses, and some credit scores. TransUnion will be contacting affected individuals and providing identity protection products such as TrueIdentity free of charge.
While actual bank details have not been compromised, criminals can use this information to trick you into disclosing your confidential banking details. This could potentially be used by third parties in various ways to commit fraudulent scams, such as application fraud or the changing of banking details via an email hack.
The reality is that breaches are becoming a norm globally. According to Manie van Schalkwyk, CEO of the Southern African Fraud Prevention Service (SAFPS) it is estimated that there are 17 billion cyber-attacks that take place around the world every day, not all being successful.
He adds that over the past two years, South African companies have been reporting that they have been victims of cyber attacks and data breaches. Some of these breaches included the compromise of personal information of consumers.
“This alarming news is further indication that every company that holds personal information is a potential target. The consumer desperately needs an extra layer of protection on their identity against criminals who will turn their lives upside down without a second thought,” says van Schalkwyk
No organisation is immune to cyber attacks. The Department of Justice recently announced that it was a victim of a cybercrime. Debt-IN Consultants, a professional debt recovery company that is a partner of many South African financial services institutions, suffered a ransomware attack that resulted in a significant data breach of consumer and employee personal information.
“It is suspected that consumer and personal information of more than 1.4 million South Africans was compromised through the Debt-IN attack in April last year,” says van Schalkwyk.
“It is critical that consumers act now before significant fraud is unknowingly committed on their behalf. After the last significant data compromise in 2020, where more than 20 million records were compromised with another credit bureau, the SAFPS saw a rise in impersonation of more than 300%.”
Protect your personal information
Consumers need to be constantly vigilant and to assume that their information has been compromised.
The South African Banking Risk Information Centre (SABRIC), recommends that bank customers follow these precautionary measures:
- Do not disclose personal information such as passwords and PINs when asked to do so by anyone via telephone or email.
- Change your passwords regularly and never share them with anyone else.
- Verify all requests for personal information and only provide it when there is a legitimate reason to do so.
- Do not use the information that may have been compromised. Rather use other personal information that you have not used previously to confirm your identity in future.
Regularly reviewing your credit report serves as a great way to check your credit data as reported to TransUnion, and guard against identity theft and financial fraud. You can access your TransUnion credit report for free.
Digital Protective Registration
Protective Registration is a free service protecting individuals against identity theft. Consumers apply for this service and the SAFPS alerts its members to take additional care when dealing with that individual’s details.
Protective Registration provides an added layer of protection and peace of mind regardless of whether or not the identity of the applicant has been compromised.
For best results, SAFPS recommends using your smart phone to complete the registration process.
“Consumers can register for a Digital Protective Registration and take action today to prevent fraudsters from having their way with your birth right. Your identity shouldn’t be used by anyone but you. And the service is at no cost to you,” says Dalene Deale, Executive Head of Secure Citizen.
Secure Citizen was created through a collaboration with SAFPS and OneVault in response to a rapid growth in identity theft following online fraud.
This article first appeared in City Press.
0 Comments