Credit brueau Experian has suffered a data breach that exposed the personal details of 24 million South African consumers and almost 800,000 businesses.
Experian admitted that it handed over the data to a fraudster posing as a client.
The criminal was hauled up by Police after the credit referencing agency alerted authorities to the incident.
"We have identified the suspect and confirm that Experian South Africa was successful in obtaining and executing an Anton Piller order which resulted in the individual’s hardware being impounded and the misappropriated data being secured and deleted," says the company in a statement. "We are continuing the legal process in this regard, including coordination with law enforcement and relevant authorities."
In a public notice on the breach, Nischal Mewalal, CEO of the bank-backed South African Banking Risk Information Centre, says: “The compromise of personal information can create opportunities for criminals to impersonate you but does not guarantee access to your banking profile or accounts. However, criminals can use this information to trick you into disclosing your confidential banking details.”
Experian states: "Our investigations do not indicate that any misappropriated data has been used for fraudulent purposes. Our investigations also show that the suspect had intended to use the data to create marketing leads to offer insurance and credit-related services.
Experian South Africa bureau’s infrastructure, systems and database have not been compromised."