The Hacking of Credit Bureau TransUnion South Africa: Millions of Records Stolen

The Hacking of Credit Bureau TransUnion South Africa: Millions of Records Stolen

TransUnion South Africa joins the growing group of organizations that have been breached by hackers. The well-known credit reporting bureau is the keeper of all of the personal information that can make or break the individual credit of almost all South Africans, and yet the Brazilian hackers named N4ughtySecTU stated the ease of breach due to a password that was “password.” Alerted on March 11, 2022, the reporting company didn’t make a statement until March 17th, 2002, where it admitted that over 54 million personal records had been stolen and a ransom was being demanded by the hackers. This raises the important questions of how secure are the companies holding the credit futures of so many in their hands?

TransUnion is an American credit reporting agency that has a presence in over thirty countries, with personal information for over one billion consumers. As of one of three major credit reporting agencies the data that is held at TransUnion can influence everything from whether an individual can be hired to the interest rates that they pay. This kind of power has been historically based on the idea that TransUnion and other credit reporting bureaus, have been guarding and managing the information securely. However, this has been a ruse, as the hacking group N4ughtySecTU have stated that they have been hacking TransUnion South Africa since 2012, without detection. Apparently the success of the breach was due to use of an authorized client’s credentials.

The hackers contacted the TransUnion South Africa CEO, Lee Naik, via his cell phone using information taken in the breach. They demanded a ransom of R223 million in Bitcoin within seven days or they will either target clients or expose the data they have collected.The hackers advised that they have divided the stolen information into groups: government officials, political parties, prosecutors, judges, Parliament officials, etc. And will take actions accordingly.

So what has been the TransUnion South Africa response? They suspended access for the authorized client’s credentials used for the breach, brought forensic and cyber security experts onboard for an investigation, took some of their processes offline, began working with law enforcement, and stated that they wouldn’t be paying the ransom.

Additional TransUnion SA actions that will be taken will include: notifying all that may have had their information stolen and supplying identity protection products to those affected free of charge.

For anyone that has experienced identity theft these actions are “too little too late.” Companies such as TransUnion South Africa has treated their care of the most valuable personal information for so many South Africans in a callous manner. Given the priority of the data, corporations such as TransUnion South Africa should have been employing the highest level of IT and cybersecurity professionals all along and it is an atrocity that they have had such a flippant attitude about information that can so drastically affect the lives of individuals and companies.

“DaVinci Cybersecurity continues our efforts to work with companies of all sizes to emphasize the importance of heightened attention on digital and network security as well as coordinating with staff and employees to educate and inform on the many ways that threat actors can infiltrate and harm them and the companies they work for.”

Sharon Knowles, CEO DaVinci Cybersecurity

Source:

https://www.itweb.co.za/content/o1Jr5Mx9BVjqKdWL

https://www.americanbanker.com/news/transunion-south-africa-hacked-by-threat-actor-n4ughtysectu