Experian data leak - Personal data has been found online

It's astounding to me that more serious action hasn't been taken against Experian, that the regulator was willing to go on their word. It only underscores the lack of understanding by the regulator of the implications of a data breach like this.

There are two guilty parties here. The fraudster, and Experian for letting a fraudster get hold of that data set, this was not some clever hack, it was social engineering through an obviously weak system. Experian needs a serious kick in the balls by the regulator, not just for letting this happen, but as an example to other businesses to take data privacy seriously.

The ACTS we have in place to ensure and protect data privacy are absolutely meaningless if they are not enforced with teeth.
 
Back in the day when I worked at a credit bureau, I remember one of the rules was that if there was a data breach a credit bureau had to notify every consumer who was in the breach.

Do we know if Experian has actually done this? I don't know of anybody who has received any notification that their data was in the breach.
 
Prof.Merlin said:
Back in the day when I worked at a credit bureau, I remember one of the rules was that if there was a data breach a credit bureau had to notify every consumer who was in the breach.

Do we know if Experian has actually done this? I don't know of anybody who has received any notification that their data was in the breach.
Click to expand...
Banks have send out generic messages, that's all I've seen.
 
I've seen some very generic "don't panic" messages from ClearScore and FNB.
Experian should be fined per consumer who's information has been leaked.

Say R100 a consumer x users. That would help the government fill some of the tax hole, and it would also teach the companies to follow the laws that they blatantly ignore.
 
Maybe the legal experts can give their opinion and advice here?

If people (myself included) want to lay criminal charges against Experian and all of its directors/management, what would the charges be exactly?

I realise POPIA is not enforced as yet, there have to be several laws that Experian has contravened.
 
This is incredibly worrying:

Data from huge Experian breach found on the internet

The personal data of millions of South Africans, "stolen" in one of SA's biggest data breaches earlier this year, has been discovered on the internet, despite assurances that the information had been recovered.
www.timeslive.co.za www.timeslive.co.za

6f09e9377586c701b663eeb3fab2177f.plist

8057018cfd187339e2fef5072d0e5443.plist


https://twitter.com/x/status/1305049017311789057
 
Yup, the email address I use specifically for financial related registrations is all over the internet linked to experian.

Pretty sure all associated bank account details would also be in the dump just looking at the columns listed in the iafrikan article. Essentially this entirely thing is a complete financial dump on each user listed in the dump.

Great stuff.
 
Last edited:
Today I received a WhatsApp out of the blue from someone asking for cash urgently. The thing is, they knew my name. Obviously a scam though.
I can't help but wonder whether this is related.
 
Keep in mind that the fkheads Experian knew this occurred in May 2020 yet only disclosed it in August 2020. That in itself just reeks of complicit as$holery from experian and the fact they hoped it would just silently go away.
 
I cannot believe that their official advice (also splashed on every news site) is actually to register for a credit check (i.e. enter personal details that were just compromised). This won't end until there's jail time on the cards:
1600104481521.png
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter