4 lessons for businesses on South Africa’s biggest data breach
“Some of our business is reactive, which is unfortunate. Smart clients come to us before their exposure evolves into trouble. We urge you to be proactive.”- Cody Wray, Co-Managing Partner, Adsero Security. Cyber Security is a global issue. Read on discover what could have prevented this massive data breach.
While massive data breaches are associated with international companies such as Ashley Madisonor LinkedIn, South Africa is no stranger to customer data being released into the public domain by cybercriminals.
In fact, it was in October 2017 when security expert Troy Hunt stumbled across the largest data breach in South African history.
The personal data of millions of South Africans was compromised when a database backup file titled “masterdeeds.sql” was leaked publicly online. The data contained millions upon millions of ID numbers, as well as contact details, addresses and income of certain individuals. It’s rumoured that even President Jacob Zuma’s cellphone number was available in the data.
This data had been publicly available for over seven months — an alarming amount of time for the leak to go undetected.
With over 60-million unique ID numbers (more than the country’s population) available in the file, it’s likely that the majority of South Africans were affected. Even certain deceased citizens had their information exposed.
Dracore Data Sciences was identified as the possible source the information, which was collected and then made available to clients. However, while they may have collected the information, it was not through their servers that the data was leaked. Rather, the data was leaked from the servers of property company Jigsaw Holdings.
The seriousness of the situation is evident from the launch of Home Affairs and Hawks investigations into the breach.
So what can other companies learn from this breach to ensure they don’t find themselves in a similar situation? Read more »