- TransUnion believes claims by its alleged hackers that 54 million South African records were compromised are actually from an old incident that doesn't involve the company
- TransUnion announced on Friday that it had been hacked and received a ransom demand that it said "will not be paid".
- South African banks are working with TransUnion to protect their clients' bank accounts and personal data in the wake of the attack
TransUnion believes claims by its alleged hackers that 54 million South African records were compromised are actually from an old incident that has nothing to do with the current cyber attack on the credit bureau.
"We believe that the 54 million records relate to a 2017 data incident unrelated to TransUnion," it told Fin24 on Saturday.
TransUnion announced on Friday that it had been hacked and received a ransom demand that it said "will not be paid". The hackers, apparently named N4aughtysecTU, gained access to an "isolated server holding limited data from our South African business" by misusing an authorised client's credentials.
N4aughtysecTU had told IT Web it had 4 terabytes of client information and had accessed some 54 million records, including data from over 200 corporates. It reportedly threatened to attack TransUnion's corporate clients if the credit bureau didn’t pay it $15 million (about R223 million) in Bitcoin.
TransUnion said on Saturday that its team is "working closely with external experts to gain a comprehensive understanding of what data was affected."
Meanwhile, South African banks are working with TransUnion to protect their clients' bank accounts and personal data in the wake of the attack, according to the SA Banking Risk Information Centre (Sabric).
"Sabric has already engaged TransUnion South Africa with the aim to coordinate the banking industry’s efforts to secure bank customers’ profiles against abuse," CEO Nischal Mewalall said in a statement on Saturday
He said SA banks have put in "place robust risk mitigation strategies to detect potential fraud on accounts and protect customer personal information".
Mewelall said that having access to people’s personal information did not guarantee the hackers access to customers’ banking profiles or accounts, but warned that "criminals can use this information to impersonate people or trick them into disclosing their confidential banking details."
Sabric said people should not disclose personal information such as passwords and PINs when asked to do so by anyone via phone or email, and that requests for personal information should be verified first.
In 2020, another credit bureau, Experian, suffered a data breach, which potentially exposed the information of 24 million South Africans. In 2021, Debt-IN Consultants, a debt recovery partner to many South African financial services institutions, got a ransomware attack. It is estimated that the personal information of more than 1.4 million South Africans was illegally accessed from its servers.
Banks have not been spared either. Absa announced a data leak in November 2020, and it has been identifying more impacted customers this year, almost a year-and-a-half after the incident. Standard Bank also identified a data breach on its LookSee platform in November last year