No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans

For fraudsters looking to swindle big corporations, sometimes it’s just a matter of asking. Earlier this week, the South African division of credit reporting giant Experian revealed that someone posing as a client had tricked the firm into coughing up personal information on an untold amount of South African consumers. The South African Banking Risk Information Centre (SABRIC), an association of banks focused on combating crime, put a number on the breach: up to 24 million people, and nearly 794,000 “business entities,” could be affected. Investigators have been working with banks to figure out which of their customers may have had their personal data exposed, according to SABRIC. It’s a reminder of the reams of personal data that credit monitoring firms like Experian and Equifax are sitting on, and the high stakes those firms face in protecting it. A social engineering trick, or an unpatched software flaw, can open the … Continue reading No hacking needed: Someone duped Experian into handing over data in breach affecting 24 million South Africans