Security4.09.2020

Here is the man accused of the Experian data breach

Experian headline

The man accused of fraudulently obtaining personal data of millions of South Africans from credit bureau Experian has been revealed to be Karabo Phungula, the founder of Hi-Pixel Communications.

However, Phungula stated that he has had no dealings with Experian and that he is being framed for the leak of the personal data of 24 million South Africans and 793,749 businesses.

Phungula’s identity was first revealed by iAfrikan. MyBroadband has been able to confirm his identity and interviewed him telephonically for this report.

“Basically, I have no idea what’s going on,” Phungula told MyBroadband.

After being accused of gaining access to the personal data of millions of South Africans by impersonating a legitimate Experian client, Phungula found himself on the receiving end of an Anton Piller order.

He said that a Sheriff of the court arrived at his parents’ home, which is the registered address of his business, and requested all of his computing devices.

An Anton Piller order is a court order which gives the Sheriff the right to search and seize evidence without giving the subject of the order warning. It is granted in civil matters, not criminal, to prevent the potential destruction of evidence.

Phungula said he went with the Sheriff from his parents home to where he lives so that they could seize his computer and two phones to search them for evidence.

Experian told iAfrikan that it found data “containing the keywords of the Anton Piller order” on the hardware that was seized.

History in direct marketing

Phungula has worked in the direct marketing industry for the better part of a decade. He said that from 2010 to 2011, he was an IT consultant for the Direct Marketing Association of South Africa (DMASA).

His role at the DMASA included acting as webmaster for the organisation. In 2011, he responded to MyBroadband’s questions regarding the DMASA website being hacked. Later that year he launched an ad-supported SMS service called KujoSMS.

For the past ten years, he has also been doing lead generation through Hi-Pixel Communications.

He explained that he works as an affiliate with other lead generation companies and he helps to generate sales leads in return for a commission. Some of the work he has done includes generating sales leads for firms in the financial services sector.

Phungula also said that as Hi-Pixel Communications he had a business relationship with the credit bureau Compuscan in 2017, which was acquired by Experian in 2019.

He said that there was a payment dispute between him and Compuscan, as they charged him for data he did not receive.

To resolve the matter, he signed an affidavit declaring that he had not received the data he was being billed for and provided a copy of the data in his possession.

Phungula said that he believes he is being targeted because of this transaction between him and Compuscan that turned sour.

Impersonation of a director of Talis Holdings

When information about the Experian data leak was first reported by the South African Banking Risk Information Centre on 19 August, Experian soon issued its own statement to explain that it was not hacked and assure that no financial information was compromised.

According to Experian, an individual in South Africa who claimed to represent a legitimate client fraudulently requested services from Experian in May 2020.

iAfrikan reported that Experian confirmed that the individual who was impersonated was Tebogo Mogashoa, a director of Talis Holdings.

Phungula said he doesn’t know who Tebogo Mogashoa is, and that he has never dealt with him or Talis Holdings.

He also said that he has received multiple notifications of unknown sign-in attempts on his personal Gmail account and notices of successful sign-in attempts on Gmail accounts that he does not recognise.

One of the unknown sign-in notifications came from [email protected] on a Samsung Galaxy S9 device, which Google states has Phungula’s personal Gmail address listed as the recovery address.

“I have no dealings with those people. I don’t know any of them,” stated Phungula.

MyBroadband asked Tebogo Mogashoa for comment via his personal assistant, but he did not respond by the time of publication.

Leaked Experian data discovered online

When news of the misappropriation of the personal data of millions of South Africans from Experian first broke, Experian was quick to assure the public it had secured the data through an Anton Piller order.

However, security researcher Troy Hunt and iAfrikan reported at the start of September that the data had been found on the Internet.

In addition to discovering the data on the Internet, it was also found that the dataset was far more extensive than Experian first stated.

The database reportedly contained fields for ID numbers, names, addresses, contact information, and employment information.

While Experian had said that no financial information had been compromised, the database contained fields for bank account numbers and branch codes for the 793,749 businesses that were part of the leak.

Experian confirmed the discovery and said it would “take all steps available to us to reduce further dissemination if possible”.

Criminal charges

Phungula said that since the day of the Anton Piller order, he has not been contacted by any law enforcement.

He said he is not certain whether a case has been made against him.

However, Experian told iAfrikan that it has laid criminal charges against Phungula, affirming earlier statements that it is pursuing criminal charges against the alleged fraudster.

MyBroadband asked Experian for comment on iAfrikan’s report and for the case number of the complaint against Phungula.

The company’s full response is reproduced below.

The requested information is subject to legal and law enforcement investigations with the purpose of ensuring that the suspect is brought to justice and we do not want to compromise or jeopardise the outcome of the criminal investigation and legal process.

Experian is mindful not to take on the role of law enforcement in the investigation and entrust the actual criminal investigation to the authorities.

While Experian is investigating the incident with a full team of experts, we continue to co-operate with law enforcement agencies and the regulators. Our priority remains on supporting consumers and businesses in South Africa.

Now read: Experian data breach – Personal data of millions of South Africans found online

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter