The South African Banking Risk Information Centre (Sabric), issued a statement saying Experian had suffered a huge data breach, exposing the personal information of as many as 24 million South Africans and almost 800 000 businesses to a “suspected fraudster”. This raised the spectre of a sharp rise in phishing and other attacks on South African electronic banking customers.

Experian South Africa stated that no consumer credit information or financial information was obtained by a suspected fraudster and that the incident has been “contained”.   Experian Africa CEO Ferdie Pieterse said in a voice note e-mailed to TechCentral that the matter is “under control”. Experian has identified the suspect and the individual’s hardware has been impounded and the misappropriated data secured and deleted.

Sabric stated that Experian reported the incident to law enforcement authorities and was working with “appropriate” regulatory authorities.  “Banks have been working with Experian and Sabric to identify which of their customers may have been exposed to the breach and to protect their personal information, even as the investigation unfolds,” Sabric said in the statement. “Banks and Sabric have also been co-operating with Experian in their efforts to secure the data and ensure the perpetrators are brought to book.”