Security warning to business owners in South Africa
The Companies and Intellectual Property Commission (CIPC) database was hacked, exposing South African business owners’ usernames, passwords, credit card details, and other sensitive information.
Last week, the CIPC said there was a security breach where personal information was unlawfully accessed and exposed.
The CIPC notified South Africans of the security breach and the compromise of clients’ and employees’ personal information, which was held on the CIPC records.
MyBroadband reported that the compromised data included usernames, passwords, ID numbers, full names, physical addresses, and even credit card details.
Earlier this week, the CIPC posted a notice on its website stating that it has instituted mandatory password resets for all users.
“In line with securing customer accounts, CIPC has implemented a new customer verification process for SA ID holders as well as Foreign Passport holders,” it said.
Although the CIPC did not mention being hacked in this notice, it is highly likely linked to the security break and the exposure of passwords.
Today, the CIPC released a statement reiterating that it experienced a security breach that exposed sensitive information.
It said it is important to mention that the CIPC is not the only organisation that has been subjected to such a breach.
“There has been a massive increase of cyber-attacks within South Africa and it would seem that as a jurisdiction, we are being targeted,” it said.
“As soon as the breach became known, the CIPC proceeded to comply with all requirements in terms of the Protection of Personal Information Act, 4 of 2013.”
This included notifying the Information Regulator, the South African Police Service and the State Security Agency and publishing a media statement.
“All reasonable steps are being taken to ensure that the CIPC systems and platforms are protected from unlawful and unauthorised access and abuse,” it added.
The CIPC said it would continue to transact and service its clients efficiently in all areas of its core mandate.
It said it has always been aware of the possibility of attacks against its databases. As such, it invested in the best technology to secure the data kept on our registers.
Comments