The South African arm of one of the world's largest credit check companies Experian yesterday announced a data breach incident that exposed personal information of millions of its customers.
While Experian itself didn't mention the number of affect customers, in a report, the South African Banking Risk Information Centre—an anti-fraud and banking non-profit organization who worked with Experian to investigate the breach—disclosed that the attacker had reportedly stolen data of 24 million South Africans and 793,749 business entities.
Notably, according to the company, the suspected attacker behind this breach had already been identified, and the stolen data of its customers had successfully been deleted from his/her computing devices.
"We have identified the suspect and confirm that Experian South Africa was successful in obtaining and executing an Anton Piller order which resulted in the individual's hardware being impounded and the misappropriated data being secured and deleted."
Experian South Africa has already reported the breach to law enforcement and the appropriate regulatory authorities.
The company claims there is no evidence indicating whether the stolen data includes consumers' credit or financial information or used for fraudulent purposes before authorities had it deleted.
"Our investigations also show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services."
"The compromise of personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts. However, criminals can use this information to trick you into disclosing your confidential banking details," says SABRIC CEO, Nischal Mewalall.
Besides releasing this information, SAFPS also recommended that credit reporting agency customers should immediately apply for a free Protective Registration listing with Southern Africa Fraud Prevention Service that has been designed to alert users when their identity is compromised.
You can also regularly check your credit report for free here.
While Experian itself didn't mention the number of affect customers, in a report, the South African Banking Risk Information Centre—an anti-fraud and banking non-profit organization who worked with Experian to investigate the breach—disclosed that the attacker had reportedly stolen data of 24 million South Africans and 793,749 business entities.
Notably, according to the company, the suspected attacker behind this breach had already been identified, and the stolen data of its customers had successfully been deleted from his/her computing devices.
"We have identified the suspect and confirm that Experian South Africa was successful in obtaining and executing an Anton Piller order which resulted in the individual's hardware being impounded and the misappropriated data being secured and deleted."
Experian South Africa has already reported the breach to law enforcement and the appropriate regulatory authorities.
The company claims there is no evidence indicating whether the stolen data includes consumers' credit or financial information or used for fraudulent purposes before authorities had it deleted.
"Our investigations also show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services."
"The compromise of personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts. However, criminals can use this information to trick you into disclosing your confidential banking details," says SABRIC CEO, Nischal Mewalall.
Besides releasing this information, SAFPS also recommended that credit reporting agency customers should immediately apply for a free Protective Registration listing with Southern Africa Fraud Prevention Service that has been designed to alert users when their identity is compromised.
You can also regularly check your credit report for free here.