Claimed breach of data of millions of South Africans ‘a dangerous development’: cyber security expert
The reported breach of a database containing the private data of millions of South Africans is “a very risky and dangerous development”.
This is according to Basie von Solms‚ a director of the Centre for Cyber Security at the University of Johannesburg.
Australian security researcher Troy Hunt took to twitter on Tuesday and told his South African followers that “I have a very large breach titled ‘masterdeeds’. Names‚ genders‚ ethnicities‚ home ownership; looks gov‚ ideas?”
South African followers: I have a very large breach titled "masterdeeds". Names, genders, ethnicities, home ownership; looks gov, ideas?
Hunt is a Microsoft regional director and also a Microsoft Most Valuable Professional for Developer Security.
He is the creator of the website HaveIbeenpwned.com‚ which warns people that their details have been compromised in corporate hacks.
Hunt later said on Twitter that he had confirmed that the breach was legitimate with a number of parties.
He said it affected more than 30-million records‚ and he had confirmed that it included full ID numbers.
“Let us assume that this is real data from real people. This is a very risky and dangerous development. Hackers can get access to ID numbers‚ names and physical addresses. That is the type of information cyber criminals use for identity theft.”
Von Solms said cyber criminals can use that information to obtain credit.
“With enough personal information‚ one can do damage to a person by illegally opening credit accounts or make bookings. It is an extremely big risk. The great risk is to the individual whose data has been breached.”
Von Solms said the big question was whether the data was still where Hunt found it or whether it had been removed.
“He made a back-up. There are others who might have found it and made back-ups.”
Would you like to comment on this article or view other readers' comments? Register (it’s quick and free) or sign in now.
Please read our Comment Policy before commenting.