About 4 months ago Experian gave data to someone who was not authorised to receive it.
This included the information of 24 million South African personally and about 800 000 businesses.
It took Experian about 2 months to discover the mistake. Once they discovered the mistake, the business said that it wasn’t too much of a risk, as most of the information like ID numbers addresses, work info, telephone numbers and home address etc. could easily be obtained in the market. Even the banks were not too worried.
That was a few weeks ago.
Now it appears that 24 000 bank account details of businesses were in the data, and to make us all more worried, Pansy Tlakula, Chairperson of the Information Regulator says they are investigating if more bank account details have been compromised.
The information has been confirmed to have left the country as it was transferred on a Swiss data transfer site by a “Russian person”.
The Sunday Times reported that this could affect up to 90% of the adult working population.
What to do about the Experian data breach
For your own safety
Change all your passwords. Not only your banking log-ins, but social media passwords as well as many of them are used to log into e-commerce websites. There have been a number of reports of people receiving SMS’s from retailers about opening new accounts.
- bank account numbers
- Online Banking username and/or password
- One Time PIN (OTP) to anyone.
If you think you have been compromised
- If you get strange phone calls, WhatsApp messages, emails, from people wanting information, BEWARE! These guys have half the info and they hope to get the rest.
- I have had a couple of warnings this week on sites that are secure, to change my passwords as a database has been compromised
- Get your free credit report – check credit enquiries on your credit report and see if there are any you don’t recognise
- Contact the bank immediately if you suspect your bank accounts or cards have been compromised. Banks have fraud hotlines.
If you are even one bit unsure, don’t give any info over the phone. Rather ask them to send you an email. Once they email you, you will have a phone number to phone and you can check on them.
Make sure you change all your passwords regularly in case another data breach happens.
If you aren’t sure about an email, just delete it. If it was very important, they will send it again.
This is not a one-time thing. Data on people is worth a lot of money, so protect yourself before it’s too late.