[ad_1]
Notification service of exposure of personal data They have cheated me? has sent notifications to more than a million South Africans about a data breach that has connected to Experian.
The South African Banking Risk Center (SABRIC) announced On August 19, a data breach at Experian exposed personal banking-related information for up to 24 million South Africans and nearly 793,749 businesses.
Following the report, Experian issued a statement to clarify the nature of the incident, saying it was not hacked and that no financial information was compromised.
According to Experian, a person in South Africa who claimed to represent a legitimate client fraudulently requested services from the company in May 2020.
Experian discovered the alleged fraud in July 2020 and disclosed the matter to the South African information regulator and the public in August.
Experian Africa CEO Ferdie Pieterse has also stated that they are pursue criminal charges against the alleged fraudster.
As Experian tried to minimize the severity of the leak, South African banks were giving clients advice on how to stay safe from potential identity theft and phishing attacks.
This caused a lot of confusion and raised questions about the severity and potential impact of the leak.
iAfrikan, along with Have I Been Pwned’s Troy Hunt, now reported They have found a database containing the stolen Experian data on the public internet.
Sensitive personal information exposed
Hunt claimed that only 1.3 million of the records contained in the data breach contained email addresses. However, the entire database contains entries for “tens of millions of people.”
iAfrikan also reported that the dataset contains much more personal information than Experian initially left behind.
This includes identification numbers, names, addresses, occupations, and other job information.
The company data found in the violation includes fields for financial information, such as bank account and branch numbers.
Experian: we continue to investigate the leak
According to reports by Hunt and iAfrikan, this dataset is connected to the leak originally disclosed by SABRIC on August 19. Experian has also confirmed this.
“Experian continues to investigate the isolated incident in South Africa involving a fraudulent data query,” the credit bureau told iAfrikan.
“As part of this investigation, we have identified files that we believe contain Experian data related to the incident on the Internet. We continue to investigate these files and will take all available steps to reduce disclosure if possible. “
Experian dataset contains old email addresses
Following the notification of the Have I Been Pwned violation, a member of the MyBroadband forum whose email address was in the database contacted us.
This MyBroadband forum member explained that the email address contained in the Experian data leak is a unique address that he hasn’t used since 2012.
“It was an email address that I used exclusively for FNB in 2012 before switching to a unique and different email address due to spam, as FNB gave my unique FNB email address to their marketing partners,” he said .
“I am surprised that the unique email address I used after 2012 for FNB is not included in the Experian data breach.”
Now Read: How To Protect Yourself After Experian Data Breach
[ad_2]
