{"id":650911,"date":"2026-06-01T07:03:27","date_gmt":"2026-06-01T05:03:27","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=650911"},"modified":"2026-06-01T07:48:38","modified_gmt":"2026-06-01T05:48:38","slug":"another-south-african-organisation-denies-a-major-data-breach","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/650911-another-south-african-organisation-denies-a-major-data-breach.html","title":{"rendered":"Another South African organisation denies a major data breach"},"content":{"rendered":"\n

The Wanderers Club and Wanderers Stadium have joined Telkom in denying<\/a> that they were targeted in a series of alleged breaches by a threat actor against South African organisations in May.<\/p>\n\n\n\n

All three organisations rubbished the threat actor’s claims that their customer data was stolen, saying their investigations found no link between the hacker’s purported samples posted online and their data.<\/p>\n\n\n\n

On 27 May, a poster on a popular hacker forum said that they were selling private data allegedly belonging to Wanderers, Telkom and auto parts supplier Midas<\/a>.<\/p>\n\n\n\n

MyBroadband contacted the three affected companies and received feedback from Telkom, Lions Cricket, which operates the Wanderers Stadium, and later The Wanderers Club.<\/p>\n\n\n\n

The Wanderers Club is a 138-year-old sports club in Illovo, Johannesburg. It said that it found no evidence that the breach was legitimate.<\/p>\n\n\n\n

It said that it immediately contacted its technology service provider, Yolo, which began reviewing the sample data, file names and available indicators in relation to the alleged breach.<\/p>\n\n\n\n

The threat actor, called Databasehooligan, said that they were selling alleged private customer information from “Wanderers.” They posted samples of the allegedly stolen data.<\/p>\n\n\n\n

Databasehooligan claimed the dataset contained full names, email addresses, membership tiers, genders and language preferences. Over 674,000 records were allegedly up for sale.<\/p>\n\n\n\n

The data samples also purported to show information on club memberships, fee structures, and booking details for sports such as squash or tennis.<\/p>\n\n\n\n

“The sample data and file names do not align with the data structures, records, categories, or systems held or managed for The Wanderers Club,” said Frank Auger, club general manager.<\/p>\n\n\n\n

Yolo could not find any evidence linking the alleged dataset to the Wanderers Club official website, the club’s member database, its website infrastructure or Yolo-managed systems.<\/p>\n\n\n\n

Auger said that known club access-control or operations systems were also unaffected by any recent breaches based on the analysis.<\/p>\n\n\n\n

He also indicated that the website that the threat actor claimed to have obtained the information from, Wanderers.co.za<\/a>, was in no way related to the club.<\/p>\n\n\n\n

Authenticity of breaches called into question<\/h2>\n\n\n\n
\"\"
Alleged sample of data obtained from “Wanderers” containing email addresses, names and phone numbers.<\/figcaption><\/figure>\n\n\n\n

Lions Cricket, the owner and operator of Wanderers Stadium in Illovo, provided feedback confirming that the site belonged to the stadium but said it was “parked and dormant”.<\/p>\n\n\n\n

They said the data appeared to belong to the Wanderers Club or another third party and stated that their own systems were unaffected.<\/p>\n\n\n\n

However, the Wanderers Club has since said that this assumption was incorrect, as the data samples posted by the threat actor did not originate from its systems.<\/p>\n\n\n\n

Databasehooligan has been a prolific poster on the hacker forum and claimed to have accessed data from numerous companies and organisations across the globe.<\/p>\n\n\n\n

Each database was put up for sale, including three claimed to have been obtained from South African entities: Midas, Telkom, and Wanderers.<\/p>\n\n\n\n

Databasehooligan claimed it was selling 742,000 records obtained from Telkom, including private customer details and other alleged internal documentation.<\/p>\n\n\n\n

Each of their forum posts was structured the same way, with only specific company or data details changing the layout. The leaks were also posted in quick succession.<\/p>\n\n\n\n

Some of the alleged data from Telkom included what the threat actor said was taken from the telecom’s internal ticketing and support system.<\/p>\n\n\n\n

However, Telkom told MyBroadband on Thursday that it had found no evidence that its systems were compromised or that customer data had been accessed, sold, or exposed.<\/p>\n\n\n\n

“Telkom employs robust, multi-layered cybersecurity measures and continuous monitoring to safeguard customer information and protect against malicious activity,” the company said.<\/p>\n","protected":false},"excerpt":{"rendered":"

A threat actor claimed to have exfiltrated data from several South African organisations, but companies have already rubbished two of the purported leaks.<\/p>\n","protected":false},"author":341213,"featured_media":650472,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[105541,105607,105609,109,105563,105539,105608],"class_list":["post-650911","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-databasehooligan","tag-frank-auger","tag-lions-cricket","tag-telkom","tag-wanderers-club","tag-wanderers-stadium","tag-yolo"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/650911"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341213"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=650911"}],"version-history":[{"count":6,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/650911\/revisions"}],"predecessor-version":[{"id":651060,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/650911\/revisions\/651060"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/650472"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=650911"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=650911"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=650911"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}