Hackers demand ransom after fraudulently accessing TransUnion SA's server

Credit bureau TransUnion SA says it has received an extortion demand from a third party that has obtained access to its server.

TransUnion said the hacker obtained access to its server by illegally using a client’s credentials. 

“We have received an extortion demand and it will not be paid,” the bureau said.

The ransom, according to ITWeb, is R223m. 

“The hacker group, going by the name N4aughtysecTU, which claims to hail from Brazil, is alleging it breached TransUnion and accessed 54-million personal records of South Africans,” the publication said.

TransUnion said when it discovered the incident, it suspended the client's access, engaged cybersecurity and forensic experts, and launched an investigation.

“We believe the incident impacted an isolated server holding limited data from our South African business. We are working with law enforcement and regulators,” the bureau said.

TransUnion, without commenting on how many people are potentially affected by the breach, said it was engaging clients in the country about the incident. The bureau would also notify and assist individuals whose personal data might have been affected.

“We will be making identity protection products available to impacted consumers free of charge.”

“The security and protection of the information we hold is TransUnion’s top priority,” said Lee Naik, CEO of TransUnion SA.

 “We understand that situations like this can be unsettling and TransUnion South Africa remains committed to assisting anyone whose information may have been affected.”

TimesLIVE

Support independent journalism by subscribing to the Sunday Times. Just R20 for the first month.