
Hackers Threaten to Leak South Africa’s Private Financial Data, Demand R1.1 Billion Ransom


In a recent cyber threat, hackers have threatened to release all of South Africa’s private financial data unless TransUnion and Experian, the two biggest consumer credit reporting companies in the country, agree to pay a ransom of R1.1 billion.

The two companies, TransUnion and Experian, were the ones hit by the cybercrime attack.

According to Times Live, the hackers, the Brazil-based N4ughtySecTU Group, who had previously breached TransUnion's security and firewalls, claimed to have once again evaded the company's safeguards and stolen the data.

Apparently, the hackers have demanded $30m [about R565m] from TransUnion and $30m from Experian.

The hackers, in a message sent to the managers and directors of the impacted companies, stated: “Ensure your response teams contact us on Session [a private communication platform] for payment instructions.”

While acknowledging the demands, TransUnion and Experian refuted the group's allegations of an ongoing hack on their systems.

“Following recent media coverage, TransUnion South Africa confirms it is aware of a financial demand from a threat actor asserting they have accessed TransUnion South Africa’s data. We have found no evidence that our systems have been inappropriately accessed or that any data has been exfiltrated,” TransUnion said.

“We’ve likewise seen no change to our operations and systems in South Africa related in any way to this claim. We are continuing to monitor closely. We treat matters regarding our information security seriously, and data security remains our top priority,” they continued. 

Not the First Attempt to Hack

Previously, in March 2022, N4ughtySecTU claimed responsibility for targeting TransUnion in their ransomware campaign.

TransUnion South Africa later confirmed the hack, stating that at least 3 million individuals were affected.

Apparently, the threat actors gained access to the personal data of over 54 million people, which included information about their dates of birth, ID numbers, gender, marital status, and other sensitive facts. 

Experian also suffered a data breach in August 2020, reported by the South African Banking Risk Centre (SABRIC). The breach exposed the personal information of around 24 million individuals and several business entities to a fraudster.

Karabo Phungula, the fraudster in the Experian breach, was given a 15-year prison sentence in March by the Specialized Commercial Crimes Court for obtaining the dataset under false pretences.

Data Breach Threat: Hackers Target TransUnion and Experian, Demand R1.1 Billion Ransom

 

In a recent development, two of South Africa's largest credit bureaus, TransUnion and Experian, have been targeted by hackers known as N4ughtySecTU, who claim to have gained access to sensitive financial and personal data of South African citizens.

TransUnion has confirmed the hackers' demand for a R1.1 billion ransom and their ultimatum of releasing the confidential information within 72 hours. However, TransUnion maintains that they have found no evidence of a security breach and that their systems remain intact.

This is not the first time TransUnion has been subjected to cyberattacks. Last year, the hackers demanded a R223 million ransom.

In August 2020, Experian experienced a significant data breach, exposing the personal information of over 20 million South Africans and 793,749 businesses to a fraudster named Karabo Phungula, who was later sentenced to 15 years in prison.

Despite the allegations, Experian has also denied any data compromise, stating that their systems remain secure and that they take such threats very seriously. "Protecting our customers and data is our top priority," Experian asserted.

As the situation unfolds, both TransUnion and Experian continue to monitor it closely and maintain that their priority remains safeguarding their customers' data and ensuring the integrity of their systems.

TransUnion Refutes Data Breach Reports Amid Hacker's Claims

 

Credit reporting firm TransUnion has refuted reports of a security breach after a threat actor known as USDoD purportedly leaked information stolen from the company's network.

The Chicago-based firm has over 10,000 employees serving millions of customers and more than 65,000 businesses from 30 countries.

"Immediately upon discovering these assertions, we partnered with outside cybersecurity and forensic experts to launch a thorough investigation," the company stated. "At this time, we and our internal and external experts have found no indication that TransUnion systems have been breached or that data has been exfiltrated from our environment."

Because the data and its formatting differ from TransUnion's, the inquiry into the claims found that the information stolen by USDoD was probably acquired from another organisation's systems.

"Through our investigation, we have found that multiple aspects of the messages – including the data, formatting, and fields – do not match the data content or formats at TransUnion, indicating that any such data came from a third party," TransUnion added. 

The database allegedly stolen from TransUnion's devices contains a wide range of sensitive information on close to 59,000 individuals worldwide, according to the USDoD listing posted on a hacker site over the weekend. USDoD was a member of the infamous BreachForums (aka Breached) hacking site, which was seized by US law enforcement authorities in June.

The threat actor was also connected to the failed attempt to sell InfraGard's user database for $50,000 on Breached in December 2023 after gaining access to InfraGard through social engineering.

At the time, Brian Krebs wrote that USDoD claimed that the InfraGard user data was made freely accessible via an Application Programming Interface (API) that is incorporated into numerous essential elements of the website that facilitate communication and connection amongst InfraGard users.

After their InfraGard membership was granted, according to USDoD, they directed a friend to write a Python script to query that API and retrieve every piece of InfraGard user data that was accessible. 

The data included the private information of more than 80,000 members in InfraGard, an FBI initiative to facilitate intelligence sharing between federal, state, and local law enforcement agencies as well as businesses.