Dracore Data Sciences has refuted suggestions it is responsible for the leak of the personal data of millions of South Africans.
This follows a report that linked the leak to Jigsaw Holdings, and connected Dracore’s GoVault service to Jigsaw.
A blog post published by Dracore CEO Chantelle Fraser said the leak originated over the SSL port at a server with the IP address 220.127.116.11, which traces back to the Era properties webserver.
A report from iAfrikan CEO Tefo Mohapi states the database has been removed from the Jigsaw webserver.
Dracore also published an email which it said was from a former employee at Jigsaw, who confirmed the IP address corresponds to Jigsaw’s main web server at Hetzner.
The data in question was hosted in a MySQL database running on an Apache web server. Dracore said it uses Microsoft SQL servers and Microsoft’s IIS web server, which means the leak could not have originated from its servers.
On the question of Dracore’s relationship with Hano Jacobs, to whom the GoVault.co.za domain is registered, Fraser said they were exploring business avenues involving software development in 2013.
“However, [we] ended this exploration in early 2014 as we did not have the capacity or time to fulfill on our ideas,” said Fraser.
Fraser said Jigsaw used to be a client of Dracore Investments. The companies signed an agreement on 3 July 2014 to enrich their deeds database over a period of six months.
Their agreement terminated at the end of the six months, and that arm of Dracore was subsequently liquidated.
As part of the agreement, Jigsaw signed a clause taking responsibility for the security and integrity of the data, said Fraser.
“Today has been a really tough day for my team. I started my journey into entrepreneurship in 2013 and have always operated my business on the premise of integrity,” said Fraser.
“We conclusively know that we are not the source of the data leak.”