Experian South Africa fell for spear-phishing attack, suffered massive data breach

Credit rating agency Experian South Africa fell for a spear-phishing attack this week when a fraudster tricked the agency into sharing the personal information and other data of 24 million South Africans and 793,749 business entities.

In a press release carefully worded to play down the impact of the data security incident, Experian South Africa said on Wednesday that it was able to curtail a data incident by catching a fraudster who impersonated a legitimate client to request certain publicly available information from the agency.

The agency said information shared with the fraudster did not include any consumer credit or consumer financial information and that the fraudster intended to use the fraudulently-obtained data to create marketing leads to offer insurance and credit-related services.

"We have identified the suspect and confirm that Experian South Africa was successful in obtaining and executing an Anton Piller order which resulted in the individual’s hardware being impounded and the misappropriated data being secured and deleted. We are continuing the legal process in this regard, including coordination with law enforcement and relevant authorities.

"Furthermore, upon discovering the incident, Experian South Africa notified the National Credit Regulator and the Information Regulator of the incident. We have also been engaged with BASA, SABRIC and the prudential authority at the SARB," Experian South Africa said.

“I would like to apologise for the inconvenience caused to any affected parties. Our first priority is to help and support consumers and businesses in South Africa,” said Experian Africa CEO Ferdie Pietersen. However, the agency failed to state how many customers and businesses were affected and what was the nature of the information shared with the fraudster.

Sabric (South African Banking Risk Centre), which supports the banking industry in combating crime, said the spear-phishing attack exposed some personal information of as many as 24 million South Africans and 793,749 business entities to a suspected fraudster.

Sabric said that it is not easy for fraudsters to empty the bank accounts of affected Experian customers, as banks have put in place robust risk mitigation strategies to detect potential fraud on accounts. Even so, criminals can still use stolen personal information to trick people into disclosing their confidential banking details.

Commenting on the massive breach of consumer information suffered by Experian South Africa, Dean Ferrando, systems engineer manager - EMEA at Tripwire, said that those affected by the breach must change their passwords and security information immediately as identity theft is just as bad as an attacker draining one’s bank account.

"Victims should continuously monitor their bank accounts as well as look for indicators of identity theft. The fact that this has occurred twice within a year means the organisation needs to evaluate its current security measures. Basic security hygiene needs to be adopted by all enterprises, not just financial institutions and this includes secure configurations and vulnerability management, as well as performing specific threat assessment and countermeasures which will reduce the overall risk of future attacks," he added.

"Having robust technical security controls in place is essential for all organisations today. But in addition, it is equally important for organisations to have procedures that support security, and ensure all staff receive appropriate security awareness training," says Javvad Malik, security awareness advocate at KnowBe4.

"We continue to see more and more high-profile attacks take place with social engineering attacks - whether that be to get an employee to hand over credentials, set up a new payment, or send sensitive data. We will likely see more organisations targeted by social engineers, and therefore investing in staff is of paramount importance," he adds.

Copyright Lyonsdown Limited 2021