• The SA Data Breach: What Now?

The SA Data Breach: What Now?

23 October 2017

By Rudi Dicks, Senior Cyber Consultant, BDO Cyber and Forensics Lab

Last week we saw the largest data leak in South African history and yes, you are almost certainly affected. Below I briefly answer some of the most common questions I’ve been asked over the last few days:

What happened?

66 million South Africans had their personal data leaked on the internet. Some 57 million living and 9m deceased citizens.

12.5 million of those are children under the age of 18 and as young as three.

How did this happen?

Investigations are ongoing, but it appears to be a case of neglect rather than a sophisticated attacker. An estate agency owned by Jigsaw Holdings appears to have published a backup of their entire database where anyone with a little technical knowledge could download it.

What was leaked?

Mostly the same information you had to provide when you do a credit application:

  • 10 digit national ID number
  • First name, Surname, Gender, Marital Status,
  • Population Group, Location, Most recent physical address
  • Home ownership, Directorship, Occupation, Employer name, Occupation, Estimated Income
  • Cel number, Work Number, Email address

Much of this information appears to be partial and not all fields are shown for all users.

Was I affected? How can I check?

Most likely. Especially if you’ve ever applied for any sort of credit. (I know right?).

First a warning: over the coming weeks we expect to see a lot of fake websites that will offer to verify if you were part of the leak, but instead of checking, it will capture your details and sell them so please make sure you only use trusted sites.

Of the 66 million records, only two million had email addresses attached. For those two million people you can go check the following website: https://haveibeenpwned.com/ (this site is run by the guy who first revealed the breach and is reputable).

How long has this information been out there?

For at least 7 months and considering the file was dated April 2015, possibly for as long as two and a half years.

What now?

In short, you are much more likely to receive unsolicited emails and phone calls but more importantly it becomes increasingly easy for criminals to commit identity theft and fraud. Consider how many security questions an attacker can answer about you with this information. From there they can potentially apply for a loan in your name or ask for a copy of your sim card to be sent to them.

What can I do?

Not much, unfortunately. A lot of the frustration around this leak is that it contains mostly “immutable data” or data that can’t easily be changed. If only you could change your ID number as easily as your password. Use reputable credit agencies to monitor unusual activity on your credit record. This is the best way to identify if someone has applied for a loan using your identity.

Always be a little paranoid when dealing with strangers who contact you via telephone or the internet and ask yourself what they can do with the information you are providing.

Read more BDO Insights