Credit scoring and comparison company Experian may have exposed the private data of 24 million South African customers and 800,000 companies in a cybersecurity breach.
The credit bureau said the “isolated incident in South Africa” was now being investigated and that the suspected person behind the hack had had their hardware being impounded and the misappropriated data being secured and deleted.
Experian is pursuing collaborating with law enforcement and relevant authorities.
Experian South Africa notified the National Credit Regulator and the Information Regulator of the incident after it was made aware of the breach.
“Our investigations indicate that an individual in South Africa, purporting to represent a legitimate client, fraudulently requested services from Experian,” said Experian in a statement. “The services involved the release of information which is provided in the ordinary course of business or which is publicly available. Experian South Africa’s bureau infrastructure, systems and database have not been compromised, and there was no breach of Experian South Africa’s systems.”
Experian said that “no consumer credit or consumer financial information” was compromised in the breach.
“Our investigations do not indicate that any misappropriated data has been used for fraudulent purposes,” said the company. “Our investigations also show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services.”
Copyright © 2018 RegTech Analyst