The personal information of millions of South African individuals and companies could have been leaked on to the Internet in the wake of the Experian data breach.
In a statement issued last night, the credit agency says: “Experian continues to investigate the isolated incident in South Africa involving a fraudulent data inquiry. As a part of this investigation, we have identified files which we believe contain Experian data relating to the incident on the Internet.
“We continue to investigate these files and will take all steps available to us to reduce further dissemination if possible. We can confirm that a criminal case was opened last week in South Africa and the matter is now in the hands of law enforcement.”
The company adds that it has communicated with customers on how they can protect themselves, and reiterates that “no sensitive consumer credit or financial information was obtained by the fraudster in this incident”.
The breach is thought to have exposed some personal information of as many as 24-million South Africans and 793 749 business entities to a suspected fraudster.
The data was compromised when an individual, purporting to represent a legitimate client, fraudulently requested services including the release of information which is provided in the ordinary course of business or which is publicly available.