Hackers claim attack on South Africa credit agencies, demand ransom

TransUnion and Experian, consumer credit reporting agencies in South Africa, have received ransom demands from the N4ughtySecTU Group, a hacker collective based in Brazil. The group claims to have hacked both agencies potentially exposing the financial and personal data of South Africans, including sensitive credit information and identity numbers.

Despite the hackers' assertions of infiltrating the agencies' systems and their threat to leak the data if their demands are not met, both TransUnion and Experian maintain that there is no evidence of a breach or data theft.

The hackers contacted journalistsi via WhatsApp, sharing the journalist's personal information as proof of their capability. The hackers' message to senior management at both agencies demand $30 million from each, with the caveat that there would be no negotiation on the data's release and no further extensions to their deadline.

TransUnion has acknowledged the ransom demand but asserts that its operations and data security remain uncompromised. Experian echoes this sentiment, claiming the allegations of data theft are baseless and reaffirming their commitment to customer data protection.

Previous breaches have seen similar ransom demands and claims of vast quantities of compromised records. In the aftermath of past incidents, TransUnion has been criticized for inadequate response and disclosure, prompting regulatory bodies to demand more transparency and proactive measures to safeguard against identity theft and financial scams.