South Africa credit bureau breached, data reportedly held for $15 million ransom

Written by
Mar 18, 2022 | CYBERSCOOP

One of the top credit bureaus in South Africa has suffered a data breach, and the hackers are demanding about $15 million in ransom, according to news reports.

The country’s arm of TransUnion confirmed Thursday that “a criminal third party obtained access to a TransUnion South Africa server through misuse of an authorised client’s credentials.” The company said the ransom demand “will not be paid.”

South African news site ITWeb reported that a group calling itself N4aughtysecTU, which claims to be be based in Brazil, is taking responsibility.

“We are N4ughtySec Group hackers. We have hacked TransUnion South Africa since 2012,” the group claimed in a Telegram chat with ITWeb. There were no details about the group’s attack, although it claims TransUnion used a weak password in one part of its network.

“We have over 4TB of all their customers’ information. The information includes over 200 corporate companies,” the purported cybercriminals said. “We have been in contact with TransUnion and they have been given our ransom demands. They were alerted on Friday, the 11th March 2022.”

ITWeb said the hackers are asking for bitcoin worth about 223 million in South African

Read More: https://www.cyberscoop.com/south-africa-transunion-data-breach/