Hackers want millions from Liberty, or will start releasing sensitive data – Report

Financial services provider Liberty stated late on Saturday night that it had been hit by an IT systems breach.
The company posted a notice to its website which said it had suffered “unauthorised access to its IT infrastructure”.
“An external party claims to have seized data from us, has alerted us to potential vulnerabilities in our systems and has requested compensation for this,” stated Liberty.
According to a report in the Sunday Times on 17 June 2018, the hackers have demanded millions from Liberty.
The report stated the hackers have obtained “sensitive data” about “top clients”.
If Liberty does not pay the millions demanded by the hackers, they will start releasing the information they have to the public, stated the report.
The report further stated that “Liberty IT personnel are running around like headless chickens” in their attempts to figure out how much data is at risk and how they were hacked.
The Sunday Times added that a source informed it Liberty executives may be willing to pay the hackers off, and have engaged with them.
Liberty notice
Liberty’s original notice on its website regarding the incident is posted below.
Liberty regrets to confirm that it has been subject to unauthorised access to its IT infrastructure.
An external party claims to have seized data from us, has alerted us to potential vulnerabilities in our systems and has requested compensation for this.
Since becoming aware, we have taken immediate steps to secure our computer systems.
Liberty is investigating the breach and we will endeavour to keep all stakeholders fully informed as appropriate.
We are working hard to rectify the situation.
A Liberty spokesperson told MyBroadband they are investigating the matter, and have secured their computer systems, but cannot provide more information to the media at this stage.
Data exposed
The Liberty hack follows several high-profile data leaks in South Africa, the most recent of which was data from a local traffic fine platform.
The leak included names, ID numbers, cellphone numbers, email addresses, and plain-text passwords of 934,000 South Africans.