Home Affairs set to investigate massive data breach

File image: IOL

File image: IOL

Published Oct 19, 2017


PRETORIA -  The Department of Home Affairs has confirmed that it will be investigating the massive data breach that was reported early this week.

This comes after the records of as many as over 30 million South Africans were exposed on an unsecured internet server.


An Australian security developer, Troy Hunt made the discovery and took to Twitter to reach out to South Africans to see if the data breach was legitimate. 

It’s suspected that the data may have been uploaded around two years ago.

The Home Affairs Department was only able to confirm that it was looking into the data breach, but is committed to providing a comprehensive response. Troy Hunt says it’s not known how many unauthorised parties have accessed the data.

"The worrying thing about it is that the time stamp on the data dates all the way back to April 2015, so I don't know if that's been used for the last two-and-a-half years or if the data was just downloaded two-and-a-half years ago", Troy told a local media house. 

The two Gauteng-based companies with apparent links to the data have accused each other of being responsible for the breach.

The Department of Rural Development and Land Reform said they have noted the claims of hacking and the alleged accessing of Deeds Registry information. They said they were looking into the matter. Online publication iAfrikan said the data was still available publicly on the internet for anyone to download and that the information was related to South Africans, both dead and alive.

The publication named a credit bureau, which has a database of information and consumer contact details, that they believed was involved.

An analyst also told the media that the information appeared to be from a credit bureau "because one of the fields was titled CPC (Credit Participation Certificate)". They said the data appeared to be accurate and was from about five years ago.  


Related Topics: