Another data leak in South Africa

Rate this item
(0 votes)

Read Mia Andric's comments....

The news seems to constantly be littered with details of one massive security breach after another, and this week it was a South African company’s turn to make headlines. Sensitive personal information about nearly one million people who pay traffic fines online was leaked, with records containing identity numbers‚ e-mail addresses‚ full names and passwords.

Data leakSouth Africans have long been of the opinion that these kinds of security incidents don’t happen here to the extent that they do in other countries, but this data leak is merely the latest in a long line of breaches locally. Earlier this year, the Cambridge Analytica scandal, where nearly 87-million people's personal information was improperly shared, affected 60 000 South African users. Last year, millions of South Africans were compromised in a “data dump” that revealed their identity numbers‚ ages‚ locations‚ marital statuses‚ occupations‚ estimated incomes‚ addresses and cellphone numbers. It included personal information about prominent people including Jacob Zuma‚ Malusi Gigaba and Fikile Mbalula.

The Hawks' cybercrime unit is working with the State Security Agency (SSA) to investigate this incident, which largely looks like it was caused by negligence on the part of Viewfines. The leak was discovered by iAfrikan Digital founder Tefo Mohapi, who found a backup of the sensitive data saved in a directory which was publicly accessible.

The operations manager of the company which owns the website has said they are “implementing security measures immediately” to improve the website after being informed about the breach, but that offers no consolation to the close to 1 million people affected. This leak is potentially even more damaging than last year’s incident, as many people use the same passwords across various websites and platforms. When announcing the breach, Mohapi advised anyone who has ever registered on any system online that allows them to receive notifications and pay for traffic fines to go change all their passwords.

“The registration provides you absolute security, and access is only allowed by ID and your personal password. No other member of the public can access your outstanding offence information,” the Viewfines website states. Obviously, this is not the case.

It was precisely to prevent this kind of thing that the Government created the Protection of Personal Information Act, commonly known as PoPI. However, PoPI has not yet been put into effect, limiting Viewfines’ liability. Should this incident have occurred under PoPI, the company would be liable for millions in fines.

Those worried that they were affected by the leak can go to the Have I Been Pwned website ( and entering their email address into the required field. This will cross-reference the address with the database of affected accounts, and notify the individual if their details are compromised.

Image credit: Copyright: jannoon028 / 123RF Stock Photo


African Fusion

AfricanFusionAfrican Fusion, the official publication of the Southern African Institute of Welding (SAIW), aims to provide up-to-date insight into welding technology and the welding industry.

Capital Equipment News

Capital Equipment News is dedicated to the application of equipment and modes of transport that are used in the mining, construction, quarrying, and transport industries.

Construction World

ConstructionWorldConstruction World was first published in 1982 and has grown to become a leader in its field, offering a unique mix of editorial coverage to satisfy the diverse needs of its readers.

Electricity + Control

ElectricityandControlE + C publishes innovative, technical articles that provide solutions to engineering challenges in measurement, automation, control, and energy management.

Lighting in Design

LightingandDesignLighting in Design is a glossy, upmarket publication aimed at lighting professionals. It is the only B2B magazine in SA that is dedicated solely to the subject of lighting.

MechChem Africa

MechChemJanuary2017cover MechChem Africa supports African engineering and technical managers across the full spectrum of chemical and mechanical disciplines.

Modern Mining

ModernMiningEstablished in 2005, Modern Mining is one of SA's leading monthly mining magazines, noted for the quality and accuracy of its writing and the breadth of its coverage.

Modern Quarrying

ModernQuarryingModern Quarrying is firmly entrenched as a leading industry-specific magazine. It focuses on promoting the science and practice of quarrying and processing in southern Africa.

Sparks Electrical News

SparksElectricalNewsReadable and informative, Sparks Electrical News is the newspaper for those involved in installing and maintaining electrical supplies and equipment.