Security3.01.2025

Major business data breach in South Africa

Govchain, a tax preparation firm offering online registration and compliance services to businesses in South Africa, has suffered a data breach, and it says the incident may have compromised customers’ personal information.

This is according to an email sent to customers and shared with MyBroadband. The company said it detected a potential security breach involving one of its cloud storage databases on 23 December 2024.

“Our internal monitoring system flagged the incident due to an unusual volume of errors. Upon discovery, we immediately secured the affected system and launched an investigation,” it said in the notice.

“Unfortunately, this breach may have compromised some personal information.”

Govchain said that routine monitoring of its systems identified a potential security breach, which affected company-related documents required for the Financial Intelligence Centre Act (FICA) verification and the sharing of register records.

The firm mitigated further risks by blocking access to all servers, temporarily deactivating all applications, initiating a comprehensive investigation with cybersecurity experts’ help, and implementing additional monitoring.

“We are working closely with the relevant authorities to investigate this matter and ensure the perpetrators are identified,” it said.

It warned that this could lead to an increased risk of phishing attempts or fraudulent activities and advised that its customers take the following precautions:

  • Monitor online accounts and profiles for unusual activity;
  • Be wary of unsolicited emails or calls asking for sensitive information; and,
  • Look for unauthorised logins, unexpected password changes, or new accounts registered in your name.

“We are committed to improving our security infrastructure,” said Govchain.

“Steps already underway include engaging industry-leading experts to assess and enhance our systems and conducting a thorough review of our security protocols.”

Govchain told MyBroadband that it has no indication that any of its customers’ personal information has been misused.

“However, our internal security team, supported by a well-known third-party cybersecurity firm, is conducting a thorough investigation to determine the scope and nature of this potential breach,” it added.

“We understand that a data breach carries legal obligations, and we are committed to meeting those requirements.”

Govchain says its primary goal is to protect its users’ data and maintain the integrity of its systems.

“We take privacy and security very seriously, and we will be in a position to provide further updates as the investigation continues,” it added.

A MyBroadband reader and Govchain customer who wishes to remain anonymous said scammers impersonating FNB employees have been harassing them since late November 2024.

“I have had four different calls from them from 30 November, but the cell number they called from and their failure to ask the usual bank security questions gave the game away immediately,” they said.

“Worryingly, however, the scammers knew my personal ID number, my home address, my cell number, my company CK number (registered via GovChain) and my FNB business account number linked to the company.”

They noted that the scammers didn’t know about transactions on the account, indicating that the link likely didn’t come from within FNB.

“I deliberately asked them about a made-up transaction which they agreed took place, which confirmed they didn’t have account transaction info,” they said.

Show comments

Latest news

More news

Trending news

Sign up to the MyBroadband newsletter