The biggest ever SA data leak has happened. A panic is the biggest ally of cyber-criminals, but certainly our greatest enemy. Hence, we now need to stay calm and prevent greater consequences of this unfortunate event.
The introduction of new information and communication technologies brought numerous benefits to organisations, individuals and communities. However, rapid technological advancements have positioned modern societies in a constant state of flux, hence increasing possibilities of cybersecurity breaches, fraudulent activities and data leaks.
Countless data breaches happen daily all over the world, so it becomes impossible to register and keep track of all of them. One of the latest inclusions in the list of biggest data leaks in the 21st century features Equifax, one of the largest credit bureaus in the US. This leaked data exposed personal information, including Social Security Numbers, birth dates, addresses, and in some cases drivers’ license numbers, of 143 million consumers; 209,000 people also had their credit card data exposed.
Something similar has happened in South Africa but on a slightly smaller scale. It was, actually, a disaster waiting to happen – as South Africa is listed as one of the top-ten globally most vulnerable countries to cyber-attacks. Now the disaster has happened. It is reported that, in what was considered to be the SA’s biggest data leak, anything between 30 million and 60 million personal and financial records of living and deceased South Africans has been publically exposed. This includes confidential information about personal ID numbers, addresses, race group, marital status, occupation, income, employment history, company directorships and employer details. All this data can be used for further deceitful, cybercrime-related activities.
Data breaches are generally bad news, but some data leaks are more damaging than others. The number of compromised records should, however, not be the main concern. A greater concern should revolve around the question of how much further risk or damage the breach can cause. It is important to note that the SA public data exposure was not a result of a cyber-attack but, according to the preliminary reports, an effect of negligence. The data were served to potential cyber attackers free of charge. This courteous opportunity will not be missed even by some less-skilled cybercriminals. Hence, the potential danger should not be underestimated.
I am not focusing on what organisation was breached and how it was done, as this has already been widely reported and discussed. Instead, I will focus on the fact that the breach has occurred and many of South Africans are now potentially endangered. Hence, we share a few brief, hopefully useful, post-breach cybersecurity tips.
Stay calm and help yourself
The first assumption regarding any big data leaks should be that we are affected. This means that we should do some homework and find out, by ourselves or with the professional help, if this is true.
If the breach of confidentiality of our data has happened, our homework should generally revolve around strengthening personal login credentials, monitoring our accounts, creating fraud alerts, and collecting relevant information – such as credit reports.
Reporting this unprecedented data breach in South Africa, many commentaries suggest that people should check at https://haveibeenpwned.com if they have been pwned. Although this might help, here is a word of caution. This website might be credible but there is a real danger that the site can easily be cloned and then offered to unsuspicious users to reveal their confidential credentials. Even if people disclose only their email addresses, it can give cybercriminals an opportunity to use these addresses for phishing campaigns, which potentially can cause material, financial or reputational losses.
Changing email passwords at fairly frequent terms (3 to 6 months) is a good preventive measure. However, in a suspicious situation, changing and strengthening email-related and other sensitive passwords is a must! If the same password is used for multi-purpose access, it should be changed immediately.
Checking the existing banking and credit accounts for suspicious transactions and requiring reports from credit reporting agencies in order to check for possible new accounts in our names are helpful activities. Doing this, we can stop fraudulent activities at their inception stages. Obtaining free credit-monitoring reports can be the first useful step in that regard.
However, in this volatile world, people should be continuously diligent, not only when breaches (like this South African one) happen. In some severe cases, temporarily freezing banking and other endangered accounts should be considered. Our liability might well depend on how quickly we detect and report suspicious transactions.
We should also be aware of fake data leak claims, as this is another way to evoke panic and trick unaware users into revealing their personal, business-related or other confidential information and credentials. Like fake news, fake cybersecurity alerts are becoming more common, coming either from fame-seeking people or as part of social engineering campaigns. In both cases, these false alerts can induce fear and panic – a rewarding environment for cyber-criminal activities.
These are not, by all means, exhaustive bits of advice but only ‘first aid’ tips. If you are unable to do post-data breach cybersecurity hygiene on your own, it is advisable to seek professional help. If uncertain who to contact for help regarding personal data theft, the South African Fraud Prevention services could be a good starting point.