Jan Vermeulen reports:
The Information Regulator has slapped credit bureau TransUnion with an enforcement notice following a data breach on 18 March 2022.
N4ugthySecTU, the group that claimed responsibility for the attack, alleged that they exfiltrated 4TB of data from one of TransUnion’s databases, including the records of 54 million South Africans.
However, the bureau said far fewer people were impacted.
Initially, TransUnion stated that “at least” 3 million of its South African customers’ details were affected. A further 6 million ID numbers were exposed but not linked to other personal information.
TransUnion revised these numbers in June 2022.
Read more at MyBroadband.za for the findings and conditions the regulator has imposed.