{"id":527937,"date":"2024-03-07T14:39:19","date_gmt":"2024-03-07T12:39:19","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=527937"},"modified":"2024-03-07T14:42:54","modified_gmt":"2024-03-07T12:42:54","slug":"south-africas-official-company-database-says-they-arent-the-only-ones-getting-hacked","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/columns\/527937-south-africas-official-company-database-says-they-arent-the-only-ones-getting-hacked.html","title":{"rendered":"South Africa’s official company database says they aren’t the only ones getting hacked"},"content":{"rendered":"

The Companies and Intellectual Property Commission (CIPC) says it is not the only organisation in South Africa that has suffered a data breach.<\/p>\n

This comes after a ransomware gang claiming responsibility for an attack on the CIPC\u2019s systems accused the agency<\/strong><\/a> of covering up how weak its security really is.<\/p>\n

Shortly after the CIPC disclosed<\/strong><\/a> that it had been the victim of an \u201cattempted\u201d breach, the hackers contacted MyBroadband.<\/p>\n

As proof they were who they claimed, the hackers provided private information from the CIPC database MyBroadband would recognise.<\/p>\n

They also provided a sample of data they had exfiltrated from the CIPC containing people\u2019s full names, ID numbers, physical addresses, phone numbers, email addresses, and CIPC passwords.<\/p>\n

The anonymous group also showed MyBroadband that it was possible to access someone\u2019s CIPC user account without knowing their password.<\/p>\n

In addition, they claimed to have breached the CIPC\u2019s systems in 2021 and infected them with ransomware.<\/p>\n

The data sample they provided was posted on Pastebin and dated July 2021.<\/p>\n

The group said that after breaking into the CIPC\u2019s systems a second time, they demanded a $100,000 (R1.9 million) payment in exchange for deleting the data they had exfiltrated.<\/p>\n

They also said they had discovered a trove of credit card details stored in plain text in the CIPC\u2019s systems, although they assured us they had not taken this data.<\/p>\n

\u201cWhy? Because although we want money, we are not after the individuals but the bigger organisations!\u201d they said.<\/p>\n

\u201cWe still have a level of access despite their efforts to remove us,\u201d they said.<\/p>\n

In response to these reports, the CIPC issued a statement on its website.<\/p>\n

CIPC says it invested heavily in security<\/h2>\n

\u201cWithout detracting from the seriousness of such incident, it\u2019s important to mention that the CIPC is not the only organisation that has been subjected to such a breach,\u201d CIPC Commissioner Rory Voller stated.<\/p>\n

\u201cThere has been a massive increase of cyberattacks within South Africa and it would seem that as a jurisdiction, we are being targeted.\u201d<\/p>\n

The CIPC seemed to take issue with the reports about the ransomware gang that breached its systems.<\/p>\n

\u201cBreaching the security infrastructure of any organisation, institution or agency is nothing more than a criminal act and the perpetrators are criminals that should be portrayed as such,\u201d Voller said.<\/p>\n

\u201cAs a result of the criminal nature of the unlawful and mala fide<\/em> breach of the CIPC security systems and protocols, the necessary steps will be taken to ensure that the guilty are held responsible for the crimes committed.\u201d<\/p>\n

Voller said that as soon as they knew about the breach, the CIPC complied with all requirements in terms of the Protection of Personal Information Act.<\/p>\n

It notified the Information Regulator, the South African Police Service, and the State Security Agency of the security compromise. It also published a media statement.<\/p>\n

\u201cEvery reasonable steps are being taken to ensure that the CIPC systems and platforms are protected from unlawful and\/or unauthorised access and abuse, and remain available to our clients for transacting,\u201d said Voller.<\/p>\n

\u201cThe CIPC has always been aware of the possibility of attacks against its databases and over the years have invested significantly in the best technology to secure the data kept on our registers.\u201d<\/p>\n

However, Voller also said that the information in the CIPC\u2019s registers form part of the public domain and can be accessed by anyone when legal and lawful processes are followed.<\/p>\n

\u201cDue to the increased regulatory compliance frameworks within South Africa brought about by the General Laws Amendment Act, 22 of 2022, criminals are feeling the pressure,\u201d said Voller.<\/p>\n

\u201cAs one of the regulators tasked with enforcing compliance to the legislation, the CIPC is not immune to levels of criminality levelled against it.\u201d<\/p>\n

The CIPC urged users to change all passwords and login information as an added security measure.<\/p>\n

Victim blaming, and treating people\u2019s data with respect<\/h2>\n

Voller\u2019s admonishment not to victim-blame those who have fallen prey to ransomware attacks and data breaches has merit.<\/p>\n

However, he glosses over the allegations that the CIPC\u2019s systems had been breached and data exfiltrated in 2021 without disclosing the attack.<\/p>\n

Furthermore, the hackers say that when they returned in 2024, they exploited the same vulnerability to breach the CIPC\u2019s system a second time.<\/p>\n

They also claimed the CIPC stored credit card details unencrypted, provided evidence that passwords were stored in plain text, and showed they could access people\u2019s accounts without a password.<\/p>\n

According to the attackers, they could even alter company information, like adding and removing directors.<\/p>\n

If these allegations prove true, while the CIPC is not to blame for being attacked, it is to blame for not doing enough to secure its systems better.<\/p>\n","protected":false},"excerpt":{"rendered":"

The CIPC has issued a curious statement in the wake of media reports about a data breach that exposed the passwords, credit card information, ID numbers, contact details, and physical addresses of every business owner and director in South Africa.<\/p>\n","protected":false},"author":15,"featured_media":445050,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,27],"tags":[47544,35,92835],"class_list":["post-527937","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-columns","category-security","tag-companies-and-intellectual-property-commission-cipc","tag-headline","tag-rory-voller"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/527937"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=527937"}],"version-history":[{"count":0,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/527937\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/445050"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=527937"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=527937"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=527937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}