CIPC records breached

[Hanno Labuschagne]

CIPC records breached

The Companies and Intellectual Property Commission (CIPC) has revealed it suffered a security breach leading to the compromise of its clients' and employees' personal information.

The CIPC, which is part of the Department of Trade, Industry, and Competition, put a notice on its website about the incident on Thursday, 29 February 2024.

 

[My_King]

Nice, get kies etter to threaten the hackers

 

[Fulcrum29]

Unfortunately, certain personal information of our clients and CIPC employees was unlawfully accessed and exposed. CIPC clients are urged to be vigilant in the monitoring of credit card transactions and ONLY approve/authorise known and valid transaction requests. The extent of the exposure is being investigated and will be communicated as soon as possible.

 

[gotaway]

Storing unencrypted credit card details

 

[WAslayer]

If that's the case, then it doesn't sound like CIPC had been storing credit card information in accordance with relevant compliance...

 

[Fulcrum29]

If that's the case, then it doesn't sound like CIPC had been storing credit card information in accordance with relevant compliance...

That is what I was thinking.

 

[quovadis]

Great. /s

I was wondering why CIPC was so dead-ass slow most of last month.

 

[Swa]

CIPC publishes personal details in any case. Is that not against POPIA?

 

[Swa]

If that's the case, then it doesn't sound like CIPC had been storing credit card information in accordance with relevant compliance...

Credit card information doesn't even need to be stored as it can be tokenised.

 

[quovadis]

Credit card information doesn't even need to be stored as it can be tokenised.

Under best practice of course. Does it sound like best practice if they're concerned about it? Also, CIPC has a rather unique hook into government, credit and third party data. For verification of things like directors it authenticates you by querying things like your mother or father and their personal information so who knows the extent...

 

[RedViking]

Ai toggie

 

[Acinixys]

If that's the case, then it doesn't sound like CIPC had been storing credit card information in accordance with relevant compliance...

CCInfo.txt

 

[dontcryforme]

A complaint should be made to the payment platform as well. If they allow hosts to store customer card information unencrypted and does not take action, they are just as guilty as the hackers stealing the data. Any good lawyer can argue that in civil claims court.

 

[rvZA]

So far, it would seem the most offenders of the POPIA Act seems to be government. If I was Cyril, I would have recalled the Act to protect what is left of the ANC's legacy.

 

[hj007]

So far, it would seem the most offenders of the POPIA Act seems to be government. If I was Cyril, I would have recalled the Act to protect what is left of the ANC's legacy.

No, this is as planned. Only common citizens are made to be criminals, the State is immune.

 

[richjdavies]

I'm just here thinking that really the CIPC information is too hard to access vs other countries.
SA isn't even on opencorporates!

 

[Sapphiron]

No, this is as planned. Only common citizens are made to be criminals, the State is immune.

Yep, government departments need not comply.

 

[RonSwanson]

Black Excellence!

Lekker Transformation, Cadre deployment, BEE and AA!

 

[gotaway]

Black Excellence!

Lekker Transformation, Cadre deployment, BEE and AA!

The decolonisation continues!

 

[RonSwanson]

CIPC publishes personal details in any case. Is that not against POPIA?

Nope. Directors' personal information is public. The dissemination of this info is fair use, there is a logical reason for it.