Data Breach Confirmed by TransUnion at Its South African Business 

Data Breach Confirmed by TransUnion at Its South African Business 

TransUnion, the credit reporting behemoth, has revealed a data breach impacting its South African operations. Profit-driven cybercriminals appear to have targeted the firm. In a recent statement, the business told that cybercriminals used a client’s credentials to access a TransUnion South Africa computer. The impacted client’s access was suspended, and some services were put down after the breach’s identification. 

According to the corporate entity, only an “isolated server holding limited data” from the company’s South African operations. The attack has been claimed by a gang that purports to be operating out of Brazil. The South African technology news website MyBroadband disclosed that the attackers claim to have taken 4GB of files, including the personal information of 54 million South Africans. 

Even though South Africa has approximately 60 million people, TransUnion claims on its Facebook page that it “maintains credit data on more than 24 million credit active South Africans.” The hackers, who go by the moniker N4ughtysecTU, claim to have sought a ransom of $15 million. The extortion attempt has been confirmed by TransUnion, but the company stated that it would not pay the ransom amount. 

It’s unclear if the hackers used file-encrypting ransomware in the attack or whether they’re just trying to generate money by taking data and threatening to make it public. The hackers claim to have hacked into the networks of many international organizations, including banking institutions and major automobile manufacturers. If confirmed, it’d be the second Brazilian gang to target large corporations. Lapsus$ has claimed responsibility for attacks against NVIDIA, Samsung, Ubisoft, and Vodafone, claiming to have stolen source code in most cases. 

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.

Share: