South Africa’s major banking groups have responded to the major data breach at credit bureau Experian, where the personal details of as many as 24 million South Africans were exposed to a third party.
Experian, a consumer credit reporting company, said on Wednesday (19 August) that it experienced a breach of data which has exposed some personal information of as many as 24 million South Africans, and 793,749 business entities, to a suspected fraudster.
The breach has been reported to authorities, and South African banks have been working with Experian and South African Banking Risk Centre (Sabric) to identify which of their customers may have been exposed to the breach and to protect their personal information, even as the investigation unfolds.
“Our investigations indicate that an individual in South Africa, purporting to represent a legitimate client, fraudulently requested services from Experian,” the company said in a statement.
“The services involved the release of information which is provided in the ordinary course of business or which is publicly available.”
“We can confirm that no consumer credit or consumer financial information was obtained. Our investigations do not indicate that any misappropriated data has been used for fraudulent purposes.”
Experian added that its investigations show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services.
In response to the breach, banks have told their customers to take various security measures such as changing passwords and registering with South Africa’s fraud prevention services.