Telkom raids company for stealing customer data
Telkom said it executed a search and seizure court order obtained from the Gauteng High Court against a third-party company that was alleged to have fraudulently accessed client data in September.
The search and seizure operation was carried out on the premises of the Johannesburg-based company and the residence of a Telkom franchisee employee.
Telkom said the raid resulted in confiscating data and records that were urgently needed to determine the extent of the allegations against the perpetrators.
A whistleblower notified the mobile operator about the alleged fraudulent customer poaching.
The franchisee employee allegedly leaked customer data to the third-party company after having access to it throughout their job.
Investigators believe the third party illegally accessed this information to poach customers from Telkom. However, nothing points to Telkom customers suffering any financial losses.
Telkom said that the impacted customers were alerted as soon as the investigation allowed for it.
The mobile network also notified the South African Information Regulator, as required by the Protection of Personal Information Act, 2013.
Telkom has reported a criminal case to the Hawks and is taking legal action against the perpetrators.
“Telkom regards its customers’ interests and data as paramount,” the network provider said.
“Upon being alerted of the breach of customer information during September 2024, we immediately launched an inquiry, which has now resulted in a search and seizure.”
It says that several mitigation strategies have been implemented to strengthen its current data access protocols and reduce the risk of a repeat breach.
Data breaches like these are not new to the country. A recent Allianz report listed South Africa as 14th among the countries hardest hit by such attacks.
“A rise in ransomware attacks, including data exfiltration, is a consequence of changing attacker tactics and the growing interdependencies between organisations sharing ever more volumes of personal records,” said Allianz Commercial’s global head of cyber claims, Michael Daum.
Allianz argued that despite a recent trend of increased investment in cybersecurity, many of the largest data exfiltration cyberattacks over the past 18 months have resulted from weak cybersecurity within organisations.
One prominent example of a breach involving someone fraudulently obtaining data was a 2020 incident involving credit bureau Experian.
Experian suffered a data breach that was first reported by the South African Banking Risk Centre (Sabric).
The incident exposed as many as 24 million South Africans and nearly 794,000 business entities when Karabo Phungula obtained the dataset under false pretences.
It later emerged that Phungula had stolen the identity document of a businessman who had access to the service’s database and fraudulently extracted the information in May 2020.
Phungula allegedly wanted to sell the data for R4 million. He was arrested about a year later.
In March 2023, the Specialised Commercial Crimes Court in Palm Ridge sentenced Phungula to 15 years in prison for fraud and violation of the Electronic Communications and Transactions Act.