South Africa

Home » News » South Africa

Avatar photo

By Amanda Watson

News Editor

2 minute read

19 Oct 2017

05:20 am

Identity theft threat posed by massive data leak

The company responsible for the leak may escape censure as the Protection of Personal Information Act has yet to be signed into effect by president Jacob Zuma.

If your details are among the estimated nearly 50 million records that were exposed in a massive data leak, you have a problem if the wrong people managed to download it.

Worse still, the company responsible for the leak may escape censure as the Protection of Personal Information Act has yet to be signed into effect by President Jacob Zuma, said Professor Basie Von Solms, director of the Centre for Cyber Security at the University of Johannesburg.

An investigation by iAfrikan CEO and technologist Tefo Mohapi linked Dracore Data Sciences as the company hacked.

Dracore’s managing director Chantelle Fraser denied this and pointed the finger at a company called Jigsaw Holdings, “… a group of companies with an impeccable track record in the property and skills development sector”, according to its website.

Fraser noted Dracore Investments – now liquidated – had an agreement in place with Jigsaw Proprietary Limited during 2014 where Dracore worked with them to enrich their deeds database over a period of six months.

“I believe Jigsaw Group is aware of this data leak and have their IT company – which I also believe is called EPI-USE (not verified) – investigating this matter,” Fraser said.

The Citizen made contact with Jigsaw, which did not return its phone call, as promised.

“To be blunt, there’s nothing we can do at the moment,” said Von Solms.

“The information is out there, and it may be at many different places. If one person could find it then the bad guys, the cyber criminals, could have found it too and would have made copies of it. If it’s out there in the wild, there’s no way to retrieve it or delete it.”

The personal data breach first came to light on Twitter through web security specialist Troy Hunt.

Hunt said the file was called “master_deeds” and even though an import failed partway through, he had managed to obtain more than 30 million records of people, both alive and of those who were deceased, and 2.2 million e-mails.

According to MyBroadband. com, the data goes back to the 1990s and was 27.2GB in size. – amandaw@citizen.co.za

Catch up with the latest news from The Citizen on WhatsApp by following our channel. Click here to join.

EDITOR'S CHOICE

South Africa Joburg seeks to block city manager Floyd Brink’s arrest after ‘showdown’ outside his home
Courts Senzo Meyiwa trial: Defence lawyer feels threatened after men try to enter his yard
Local News Community Chat: What punishment should be given to those who neglect their children?
Courts State won’t oppose bail for senior health official arrested for fraud
Local News Inquest opened after baby buried, allegedly by intoxicated parents in KwaDukuza

Click here to get The Citizen news and updates on Whatsapp.

Find out more

RELATED ARTICLES

Access premium news and stories

Access to the top content, vouchers and other member only benefits

Subscribe