South Africa’s Information Regulator has initiated an independent inquiry into the Companies and Intellectual Property Commission (CIPC) following a security breach of their systems, as announced in a recent media briefing.
The regulator revealed that it received reports suggesting that hackers were still active within the CIPC IT environment, implying that the systems remain compromised. The regulator would also investigate whether the CIPC’s business model aids in the trading of personal data which they hold, tying into CIPC’s technical and organisational protections surrounding personal information.
The CIPC, which operates under the Department of Trade, Industry, and Competition, oversees registration related to companies, co-operatives, and intellectual properties.
On February 29, 2024, the CIPC disclosed an “attempted” security breach, stating that both client and employee personal data had been accessed. This breached data included the names and addresses of registered clients.
Despite assurances from the CIPC about investigating and revealing the extent of this data exposure soon, a group claiming responsibility for the breach informed My Broadband that they had accessed the CIPC system as far back as 2021, exposing longstanding vulnerabilities within the system.
The assailants assert they have procured the complete source code of Sword South Africa’s systems, which they targeted. They reportedly used a vulnerability in a system the CIPC created, facilitating the occurrence of the incident.
The group is currently demanding a ransom of $100,000 (R1.9 million) to erase all stolen data, insisting they still have access despite CIPC’s attempts to revoke it.
In another news, the regulator shared an update on the data breach that happened at TransUnion, a South African credit bureau, in March 2022. After conducting an assessment, the regulator accused TransUnion of breaching the necessary conditions for the lawful handling of personal information.
As a result, it served TransUnion with an enforcement notice that calls for improved data management and security measures. TransUnion is required to provide evidence of complying with these changes by May 26, 2024, following the enforcement notice.
The post Regulator in South Africa initiates probe into CIPC following system breach appeared first on Innovation Village | Technology, Product Reviews, Business.
For more such interesting article like this, app/softwares, games, Gadget Reviews, comparisons, troubleshooting guides, listicles, and tips & tricks related to Windows, Android, iOS, and macOS, follow us on Google News, Facebook, Instagram, Twitter, YouTube, and Pinterest.
- Binance: court adjourns trial to May 17 as Kenyan police arrest fleeing executive
- Bolt introduces electric motorcycles in Kenya in partnership with M-KOPA, Roam and Ampersand
- Google Wallet’s tap-to-pay for Wear OS may soon include PIN authentication
- Samsung Galaxy Ring’s sizes, model numbers revealed
- 7 notable Nigerian tech founders who graduated from Covenant University
- Circle to Search to get handy new features for Samsung, Google phones
- Samsung Galaxy C55 launches with leather back, Snapdragon chip in China
- Nintendo Switch 2 may equip Samsung 5th gen V-NAND
- Egyptian HR-tech startup bluworks closes $1 million pre-seed round to enhance its products
- Samsung builds Everland Photo Studio to feature Galaxy S24 Camera, AI features
