More than 30 million South African identities exposed online in massive 27GB data breach

CERT-LatestNews ThreatsStrategic

The personal information of at least 30 million South African citizens has been exposed in what is believed to be the biggest data breach to ever hit the country.

The leaked records reportedly date back to the late 1990s and included ID numbers, names, genders, martial statuses, incomes, company titles, employment details and property ownership information. The trove included files on people both alive and deceased.

The 27GB-sized cache was titled “MasterDeeds” and – at least a glance – was seemingly linked to registered home owners in the country. Experts initially believed that it was tied to the government.

The breach was first reported by Tefo Mohapi, founder and CEO of tech and media website iAfrikan.

It has been loaded into the breach notification service Have I Been Pwned, a platform maintained by Australian security researcher and commentator Troy Hunt.

Hunt said that there were “more than 30 million” records in the full dataset. On Twitter, he noted that the files were uploaded to the web in April 2015 – and may have been exposed since then.

The trove of information was linked to a company called Jigsaw Holdings Ltd which had domains registered to a man called Hano Jacobs. One particular domain linked to Jacobs was govault.co.za, a service tied to a Johannesburg business called Dracore Data Sciences.

Online, GoVault was touted as a “goldmine” of information that offered “easy access to the contact details of South African consumers and homeowners” for real estate firms.

Jacobs’ Twitter profile contained a (now removed) direct link to “realty1ipg[dot]co.za“, an estate agency in South Africa that was reportedly once a client of Dracore‘s.

A statement published to Dracore Data Sciences website claimed Jacobs had confirmed the source of the leaked data was a compromised Jigsaw Holdings server.

Chantelle Fraser, CEO of Dracore Data Sciences, added: “We conclusively know that we are not the source of the data leak” She said that the impact of the leak will be “far reaching”.

The true scope – and length – of the business relationship between Dracore Data Sciences and Jigsaw Holdings remains unclear at the time of writing.

Now, any South African citizens who are concerned their personal data was exposed online are advised to check Have I Been Pwned. Hunt said that there are a total of 2.2 million email addresses but “tens of millions of actual identities” in the full database.

He tweeted: “I won’t be loading the government issued IDs; these are sensitive personal identifiers that should be carefully guarded.

“I hope the party responsible for publicly publishing this data is quick to take accountability and notify impacted parties. Let’s not call this a ‘hack’ folks,” he added. “Someone in South Africa literally published their database of the entire country to the public internet.”

South Africa has a total population of approximately 56 million people.

[UPDATE: Hunt has revealed that the database contained 60,323,827 rows in total. “There are many ‘deceased’ records hence total number being higher than the SA population,” he tweeted.

Cape TownSouth African citizens were exposed in massive data leakiStockhttp://www.ibtimes.co.uk/more-30-million-south-african-identities-exposed-online-massive-27gb-data-breach-1643684

Tagged