The Telkom website is exposing the personal details of people, including their ID numbers, contact details, marital status, and home addresses.
The personal details are exposed when a new customer opts to sign up for a service, and is redirected to an online form.
The online form already contains the details of another person, though. Where this information is pulled from is currently unclear.
This happened multiple times when MyBroadband investigated pricing on the Telkom website, but no pattern could be identified.
Telkom was alerted to the security problem, and it is understood they have applied a patch to resolve the issue.
The screenshots below show the extent of the personal information which was exposed through the security bug.