Sensitive information is among datasets potentially exposed

Millions of South Africans caught up in security incident after debt recovery firm suffers data breach

More than a million South African citizens have potentially had their personal data exposed after a ransomware attack at a debt recovery services firm.

The company in question, Debt-IN Consultants, confirmed this week (September 22) that it had been the victim of a cyber-attack which resulted in a “significant data breach” of consumer and employee personal information.

More than 1.4 million South Africans are suspected to have been impacted by the incident. Debt-IN says their data was illegally accessed from servers in April this year.

Compromised information may include customer names and contact details, employment and salary information, and debt-related information including payments and balance owed to Debt-IN.

The Durban-based organization said the data leak only came to light last week with the discovery that confidential consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers had been posted on “hidden internet sites” that are only accessible by a “specialized” web browser.

Debt-IN confirmed: “One of our partners alerted Debt-IN to the stolen personal data files while doing a routine, highly focused ‘sweep’ of data posted on the hidden collection of websites that can only be accessed by specialized browsers.”

The company was able to “definitively confirm” that the data was the personal information of customers on September 17.

Chasing debts

Following the discovery, Debt-IN said it is working with authorities to “rapidly gather facts, resolve the issue, and provide ongoing information to clients”.

Mark Essey, CEO, said in a statement: “Debt-IN deeply regrets this cyber-attack, and we apologize unreservedly for the inconvenience and anxiety this data breach has caused our clients, and their customers.

“We are taking this matter very seriously. In this age of highly sophisticated information security threats and an estimated 17 billion cyber-attacks around the world every day, Debt-IN is committed to doing all it can to protect clients’ information.

“We reiterate that we view this attack as the act of malicious cybercriminals. From the time this data breach was detected, our guiding principle has been to put our clients first, and we will continue to do so.”

Debt-IN also provided a guide (PDF) for customers detailing what happened and what future steps it will take.
