South Africa has been hit by a crippling cyber nightmare. This is none other than the data breach of more than 30 million South Africans.
For a long time, Africa has been sidelined when it comes to matters of technology. But this is no longer the case as the digital revolution has reached almost all parts of the world. South Africa can be termed as a hub of technology along with other industrial developments in Africa. But this has not come without a cost to it in many ways. Most of the shortcomings associated with the use of modern technology in the country’s organizations are fatal.
They are often prone to cyber attacks in which hackers make their way into the country’s systems and manipulate it to their advantage. The latest cyber attack has caused the personal information of over 30 million South Africans to be compromised. The attack was revealed by an Australian IT researcher by the name Troy Hunt. It is not clear what the hackers intend to do with the stolen data, but it’s clear that the information is not in safe hands.
The Australian IT researcher has tweeted to his South African audience some details about the compromised information. He stated the stolen data contains the names of 30 million people, as well as information of homeownership and their gender and ethnicity. He also linked to a compiled dataset containing the types of information that was exposed.
Hunt is the creator of the popular platform Have I Been Pwned? The site can be used to help potential cyber attack victims find out if their accounts were subject to a massive hack such as the one involving South Africans.
In this website, Hunt has requested for well-wishers to fund his project. He has explained the hustle he has gone through to launch and host the website. News about the stolen data from South Africa was initially communicated to Hunt by a supporter of the site.
Hunt states that the data which was stolen from the South African government and other institutions was published on a web server. This web server was easily accessible by the public and open to anyone who wanted to get the information.
Another research manager from Africa by the name Jonathan Tullett weighed in on the revelations. Tullett, who specializes in IT services for IDC sub-Saharan Africa, has stated that the South Africans’ title deeds and registry has been hacked and compromised.
This kind of breach is seen as a big blow to the organizations and institutions mandated to keep data safe on behalf of the general public.
The data, according to Tullett, is prone to be used by hackers for fraud and other criminal activity associated with the lost credentials.
It is seen as a form of incompetence from the web server owners to mitigate the loss of sensitive information to the general public. This is a case and matter to be penalized for such gross doings, even if it will not fully help the members of the public who lost their sensitive data to unknown people.
The repeated loss of sensitive information in countries such as South Africa prompted major companies like IBM and Ponemon Institute to research and show the level of resources lost in the process.
Their report, released earlier this year, has revealed a great loss of financial resources especially to the South African people and institutions associated with major data breaches.
According to the research by the two companies, the average cost of a data breach in the country is very high.
This is with an exact value of about R32.36 million, which has come as a great increase from last year’s result of about 12 percent.
According to the research, it is evident that malicious attacks by elite hackers are the main source of data breaches that hit South Africa.
The result of this research has also revealed that a lack of rule of law by the government has contributed to data breaches in most companies. It has also been cited that due to the increasing popularity of mobile platforms, the level of data recovery in case of a breach varies from one country to another.
Hunt has been in the forefront to bring into the rim light of any data breaches in South Africa.
His site was a key whistle-blower of a data breach in South African cinema chain Ster-Kinekor, which rendered that the information of about six million South Africans had been compromised. A lot is being done by legislators to mitigate and reduce instances of a data breach. This includes a law called the Protection of Personal Information Act (PoPI), enacted by federal legislators. It has been proven by the study that the faster the notice and response of data breach, the less expensive the recovery process. The research also found that every piece of stolen information or data breach would cost companies about $124.
The study weighed the results against 11 countries distributed all over the world including the United States, Germany, Canada, France, the United Kingdom, Japan, Saudi Arabia, the United Arab Emirates and South Africa.
The report figured that these were the most developed countries worldwide to give a well-distributed result on the study. The South African information regulator has come out clear to all companies holding personal information to be compliant with the PoPI law.
When this act is fully in use, the data holders are responsible and liable for anything that happens with the information.
This is in order to regulate the holder from being ignorant with handling the information. The law of this act clearly states that if anyone is convicted, he or she is entitled to a maximum imprisonment of 10 years. At the same time, they may be fined an undisclosed fee that may reach up to R10 million.
All this is meant to help mitigate the breach of data as seen this time around, where the South Africans will have to bear with the situation until the law is in place.