Millions of South Africans affected by Debt-In data breach
Debt-IN Consultants, a professional debt recovery solutions partner to many South African financial services institutions, has announced that a ransomware attack by cyber criminals has resulted in a significant data breach of consumer and employee personal information.
It is suspected that consumer and personal information of more than 1.4 million South Africans was illegally accessed from Debt-IN servers in April this year, but this breach only just came to light with the discovery that confidential consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers had been posted on hidden internet sites that are only accessible by a specialised web browser.
Debt-IN says is working closely with the regulator, law enforcement agencies and other cyber-security partners to rapidly gather facts, resolve the issue and provide ongoing information to clients. The company says while the investigations are ongoing and the analysis subject to change, the findings to date show there has been no further breach and enhanced data protection measures remain securely in place.
The company has taken immediate and appropriate actions to reinforce existing security measures and to mitigate any further potential impacts of the breach, including assembling a team of highly regarded and globally experienced cyberbreach and forensic experts to work with Debt-IN on the incident.
“Debt-IN deeply regrets this cyber-attack, and we apologise unreservedly for the inconvenience and anxiety this data breach has caused our clients, and their customers,” says Mark Essey, CEO.
“We are taking this matter very seriously. In this age of highly sophisticated information security threats and an estimated 17 billion cyber attacks around the world every day, Debt-IN is committed to doing all it can to protect clients’ information. We reiterate that we view this attack as the act of malicious cybercriminals. From the time this data breach was detected, our guiding principle has been to put our clients first, and we will continue to do so,” says Essey.