File image: IOL.

CAPE TOWN - Following the massive data breach in October last year which saw over 30 million South African’s confidential information exposed on an unsecured internet server, we take a look at how card details can be kept safe. 

General Manager at information technology company, Altech Solutions, Attie van der Linde says that card details can be kept safe using technology. He tells how this can be achieved. 

The breach that put millions of South African’s at risk was discovered by Australian security developer, Troy Hunt. 

It was later investigated by the Department of Home Affairs in late October. 

This followed the suspicion that the breach may date as far back as two years. 

"The worrying thing about it is that the time stamp on the data dates all the way back to April 2015, so I don't know if that's been used for the last two-and-a-half years or if the data was just downloaded two-and-a-half years ago", Troy told a local media house.

According to the 2017 Cost of Data Breach Study: Global Overview by IBM Security and Ponemon Institute, hacks and unintentional breaches cost South Africa R28.6 million in 2016. This cost had risen to a staggering R34.2 million in 2017. 

In 2017, 43% of data breaches involved malicious or criminal attacks. This decreased by 6%, compared to 2016. 


The breach came shortly after the June release of the 2017 Cost of Data Breach Study, which said that SA had the highest prospect of experiencing a data breach within the next 24 months. 

Van der Linde says that although some people react cautiously now, there is good news which could let them lower their guard. 

When a merchant swipes a card through a system that has been annually verified via the Payment Card Industry  Data Security Standard (PCI-DSS), card details are securely processed with each swipe, says Van der Linde. 

The PCI Security Standard Council, a global body and the PCI DSS certification are protective measures. It aims to optimise the security of credit and debit card transactions. This essentially aims to protect cardholders against the misuse and abuse of personal information. 

Van der Linde adds that merchants must comply with PCI Security Council standards that are improved annually. 

ACS assists merchants with these requirements. 

This security standard and measure provides consumers with peace of mind. 

Although PCI DSS has been around for quite some time, not every merchant budgets for these compliance requirements, notes Van der Linde. 

“Collectively we all have a responsibility to ensure we keep data secure”, concludes Van der Linde.