The South African arm of one of the world’s largest credit check companies Experian yesterday announced a data breach incident that exposed personal information of millions of its customers.
While Experian itself didn’t mention the number of affect customers, in a report, the South African Banking Risk Information Centre—an anti-fraud and banking non-profit organisation who worked with Experian to investigate the breach—disclosed that the attacker had reportedly stolen data of 24 million South Africans and 793,749 business entities.
Notably, according to the company, the suspected attacker behind this breach had already been identified, and the stolen data of its customers had successfully been deleted from his/her computing devices.
“We have identified the suspect and confirm that Experian South Africa was successful in obtaining and executing an Anton Piller order which resulted in the individual’s hardware being impounded and the misappropriated data being secured and deleted.”
Experian South Africa has already reported the breach to law enforcement and the appropriate regulatory authorities.
The company claims there is no evidence indicating whether the stolen data includes consumers’ credit or financial information or used for fraudulent purposes before authorities had it deleted.
“Our investigations also show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services.”
“The compromise of personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts. However, criminals can use this information to trick you into disclosing your confidential banking details,” says SABRIC CEO, Nischal Mewalall.
images from Hacker News