A few months ago South Africans learned that over 60 million ID numbers had appeared online for anybody with the technical acumen to grab.
In addition to this the details of 12.4 million minors also appeared online.
Now, we’ve learned that this has happened again it could be worse.
Working with HaveIBeenPwned founder Troy Hunt, local news house iAfrikan reports that 934 000 personal records of South Africans have been found online.
The data contains full names, ID numbers, email address and passwords (which were reportedly stored in plain text).
The dataset was provided by an anonymous source who found it on a publicly accessible server which allegedly, “belongs to a company that handles electronic traffic fine payments in South Africa.”
That is a rather cryptic description because there are a number of ways for South Africans to pay fines electronically, so determining exactly which service is the offender is a guessing game at this point.
iAfrikan reports that, much like last year’s data breach, this appears to be a case of negligence. Of course, we don’t know that for certain just yet.
Hunt has said that South Africans will be able to determine whether their data was exposed online by 24th May on HaveIBeenPwned.
Our advice to readers is to change any passwords you might have used to pay fines online and be sure to change them if they’ve been used anywhere else.
Details are still thin on the ground at the moment but we will be sure to update you as and when new information comes to light.
[Source – iAfrikan]
— Troy Hunt (@troyhunt) May 23, 2018