Security 5.03.2024

South Africa’s official companies database forcing password resets after hack

The Companies and Intellectual Property Commission (CIPC) has posted a notice on its website stating that it has instituted mandatory password resets for all users.

Upon logging in, users will have to provide “verification information”, after which they will be shown a password reset screen.

Some users may also be asked to update their contact details.

This latest notice from the CIPC comes after it suffered a data breach.

While the agency has been coy about the extent of the breach, the hackers who claimed responsibility for the attack told MyBroadband that the CIPC stored passwords and credit card details in plain text.

People’s CIPC login credentials stored on its platform should therefore be considered compromised.

The attackers said they didn’t download the credit card details because their goal wasn’t to hurt innocent individuals.

“Although we want money, we are not after the individuals but the bigger organisations!” a representative of the anonymous ransomware gang told MyBroadband.

However, while these hackers may not have stolen the credit card data, that doesn’t mean other attackers didn’t.

In addition to revealing that people’s passwords and credit card data were exposed, the ransomware group also said they had breached the CIPC’s systems in 2021 already.

They said the agency had done nothing to improve its security in the almost three years since.

It also never disclosed that it had suffered a ransomware attack.

MyBroadband contacted the CIPC for comment on these allegations, and it declined, saying that providing answers could expose it to further security risks.

“We are currently handling this matter with the relevant law enforcement agencies,” CIPC chief strategy executive Lungile Dukwana said.

MyBroadband tested the CIPC’s forced password resets and found that they do not appear to be enabled on its BizPortal and old eServices site.

However, its new eServices site for name reservation, company registration, co-operatives, and document systems does pop up a verification screen when logging in.
