December 9, 2023

Credit reporting agency TransUnion South Africa announced that threat actors compromised a company server based in South Africa using stolen credentials. Threat actors have stolen company data and demanded a ransom of $15 million payment not to release stolen data.

The hacker group, N4aughtysecTU, which claims to be based in Brazil, is alleging it breached TransUnion South Africa and accessed 54 million personal records of South Africans.

Advertisements

The hacker group reportedly claims the information it is in possession of includes anything from credit scores, banking details and ID numbers after brute forcing an SFTP server that has a password “Password

As a precautionary measure, the company temporarily took part of its infrastructure offline.A criminal third party obtained access to a TransUnion South Africa server through misuse of an authorised client’s credentials. We have received an extortion demand and it will not be paid.

Transunion statement

The company has declared that it will not pay the ransom and hired cybersecurity and forensic experts to investigate the extent of the security breach and believes the security breach only impacted an isolated server holding limited data from South African business.

Advertisements

“We understand that situations like this can be unsettling and TransUnion South Africa remains committed to assisting anyone whose information may have been affected.” – statement

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

WordPress POP CMS Vulnerability

December 9, 2023

Apache Struts fixes Critical Vulnerability – CVE-2023-50164

December 8, 2023

Meta enables Messenger with E2EE by Default

December 8, 2023 2

CISA KEV Update Part II – December 2023

December 7, 2023

Atlassian fixes critical RCE vulnerabilities in its products

December 6, 2023

Microsoft Echo’s on APT 28 exploiting CVE-2023-23397

December 5, 2023
%d