How to check if you are in South Africa’s latest massive data leak

A database containing sensitive personal data of South African citizens recently leaked online, as reported by iAfrikan.

The data originated from a traffic fine platform and contains the names, ID numbers, cellphone numbers, email addresses, and plain-text passwords of 934,000 South Africans.

Security researcher Troy Hunt – who runs Have I Been Pwned – worked with iAfrikan Digital founder Tefo Mohapi on the leak.

Mohapi said the data was discovered on a public web server for a local company which processes electronic traffic fine payments. The company is ViewFines.

The database contained the following information on South African users:

  • ID numbers
  • Full names
  • Surnames
  • Cellphone numbers
  • Email addresses
  • Passwords stored in plain text

The data was made accessible by enabling directory listing and browsing of backup databases on a web server.

How to check if you are affected

Mohapi and Hunt have now published the list of compromised accounts on Have I Been Pwned, allowing users to check if they are affected.

Checking if your account has been compromised can be done by navigating to the Have I Been Pwned website and entering your email address into the required field.

This will cross-reference your address with the database of affected accounts, and notify you if your details are compromised.

Due to the sensitive nature of the leak and the exposure of passwords stored in plain text, it is important that users whose details are in the database change their password across all the platforms where it was reused.

Now read: Data leak exposes names, ID numbers, and plain-text passwords of 934,000 South Africans

Latest news

Partner Content

Show comments


Share this article
How to check if you are in South Africa’s latest massive data leak