Dis-Chem discloses data breach of 3.7 million client records


Who's the Boss?
Staff member
May 24, 2010
Dis-Chem data breach — 3.7 million client records exposed

Dis-Chem Pharmacies has revealed that nearly 3.7 million of its clients' records were compromised during an incident involving a third-party service provider.

The pharmacy group explained that it had a contract with the third-party service provider and operator to develop a database that contained personal information necessary for the services offered by Dis-Chem.
The amount of data breaches is just getting ridiculous. And very often it is the 3rd parties involved that is obviously negligent and/or incompetent.

We don't have a choice in sharing and trusting them with our personal data, but they are not trustworthy. Why have Dis-chem not notified the individuals whose information was exposed?

There are no consequences for these companies. So much for the usefulness of the POPIA act. Just like all the other laws that the ANC implements. Means nothing!
Yeah well.... another day, another breach. No wonder syndicates are targeting individuals, taking out policies and killing citizens....
We gets me is that companies get fined (and rightly so) for these data breaches and they need to declare it but government systems (DHA) properly the weakest link here.
But if you refuse to give them your information (because companies can't be trusted with it), then you're the jerk / being unreasonable.

I signed up for an FNB account telephonically a while back - up to the point where they said I have to agree to "third party access" to my information, which I decidedly declined.
The lady then informed me that you can't get a credit card, only a debit card.
Fine I said, but I reiterated 3 times that I do not consent to any data collection. Ok she said.

A week later I receive a credit card only - which I explicitly refused, as it opts you into data collection.
Told them to shove the account.

If they refuse to honour your express decision to not want to be opted into data collection and sharing with their undisclosed third parties, then how the hell can you trust them going forward?

It looks like the "[x] Don't share my information with X, Y and Z" doesn't mean jack these days.