World’s Biggest Data Breaches

INFOGRAPHIC showing selected losses greater than 30,000 records.

Streamlining data breach disclosures: A Step-by-Step Process

I don’t know how many data breaches I’m sitting on that I’m yet to process. 100? 200? It’s hard to tell because often I’m sent collections of multiple incidents in a single archive.

The Aadhaar data breach problem

THE Unique Identification Authority of India’s (UIDAI’s) response to a The Tribune report last week that detailed an alleged data breach in the Aadhaar programme has moved from unsatisfactory to counterproductive.

Ten trends that will change business cyber security protection in 2018

2017 once again proved that the cyber threat landscape is complex and constantly changing, dictating the need for comprehensive and responsive defences that step up to the real challenges that organisations face.

The Five Laws of Cybersecurity

2017, ended up being the year of the hacker in many ways. From Equifax to Uber, it seems like every aspect of the human experience has been affected by cybersecurity and privacy concerns.

POPI: Changing the way SA tour operators do business

THE POPI Act, coming into effect later this year, is set to revolutionise South African businesses at every level, from the telephonist to board members, says Hogan Lovells partner, Leishen Pillay.

POPI Act implementation at the Airports Company of South Africa

COMPLIANCE with the POPI Act can provide your business with a competitive edge or place it at a huge risk. With the deadline looming, organisations are scrambling to ensure compliance.

The cost of a data breach in 2018

TRADING in intellectual property and personal data is so widespread that someone invented a calculator that can estimate the potential harm to your own business. Nearly 5 million data records are lost or stolen worldwide every single day.


Don’t hide when you had a breach like Uber it will come out somehow

THE name Uber has become practically synonymous with scandal. But this time the company has outdone itself, building a Jenga-style tower of scandals on top of scandals that has only now come crashing down.

How ready are you to manage a data breach?

LAST month saw the uncovering of South Africa’s largest data leak to date, which revealed that the personal data records of over 60 million individuals have been made publicly available.

Top 10 IT security predictions for 2018

2017 was certainly the year in which the world sat up and took notice of the undeniable importance of IT security.

Vulnerable populations included in the 157K breached patient records

The month of October continued the recent trend of hacking incidents outweighing insider incidents.

How SA Companies doing business with EU Customers will be impacted

South African companies doing business with European Union (EU) customers need to consider making changes to their data privacy.

Security Budgets for 2018 for implementation of POPIA

Once the Protection of Personal Information Act, 2013 (POPI Act) is made effective, companies will have a year’s grace period to become compliant with the Act.

The avoidable mistakes executives continue to make after a data breach

There has been an increase in commercial identity theft cases in SA and local businesses – regardless of size – must be vigilant about any documentation – print or electronic – containing financial or personal information.

Steps to help you protect yourself online

On the heels of some very high-profile and disturbing data breaches, this year’s Cyber Security Awareness Month is timely.

Protect your business from identity theft

There has been an increase in commercial identity theft cases in SA and local businesses – regardless of size – must be vigilant about any documentation – print or electronic – containing financial or personal information.

Australian government contractor exposed 50,000 records

Nearly 50,000 personal records relating to Australian government employees as well as employees of two banks and a utility were exposed to the internet.

Forever 21 informs customers of a potential data breach

Encryption! Gotta love it! It makes paying for things so easy, and secure… Most of the time.

Why you should fear phishing more than data breaches

For some people, Google controls most of their identity online, and losing access to that critical account could be devastating.

Data leak: Legal delays create a ‘free for all’

If the POPI Act had been fully enacted‚ those responsible for leaking the data of millions of South Africans could have been fined up to R10-million or imprisoned for up to 10 years.

What to do if you think you have been hacked

Last week a major South African domain service provider, Hetzner, was hacked, allegedly compromising personal information.

Cybercrime is getting real, and buying more stuff is no protection

For the last twenty years, cybersecurity has been a commodity, purchased by investing in anti-virus software, servers, firewalls and technical teams.

What to do if you are a victim of holiday fraud and how to avoid it

VERY few people escape the unpleasant experience of being defrauded at least once in their lifetime.

Strengthening digital society against cyber shocks

Key findings from the Global State of Information Security Survey 2018 show that despite continued massive data breaches many organizations struggle to manage cyber risk.

The regulator has now concluded her consultations process

The regulator has now concluded her consultations process with the all the provinces as per the scheduled published in aimed of so solicit comments on its draft Regulations.

Hyatt Hotels data breach: Hackers accessed visitors’ credit card info

Hyatt Hotels discovered that its payment systems were breached, exposing visitors’ payment card information from 41 hotels in 11 countries earlier this year.

How to stay safe from cyber criminals: 30 tips

In light of the recent massive data breach, and October being National Cyber Security Awareness Month, Capitec Bank has outlined thirty tips to keep consumers from becoming targets.

It’s National Cybersecurity Awareness Month!

It’s official: National Cybersecurity Awareness Month is here (well, actually, it’s international; Europe has already jumped in as well).

Huge SA data breach raises identity theft concerns

The data breach involving the personal details of an estimated 33 million South Africans has raised concerns over its use for identity theft and other criminal activity.

Info of children as young as 3 found in SA data breach

The personal information of children as young as 3 years old has been found in the leaked data of the country’s worst data breach.

BadRabbit ransomware strikes Eastern Europe

A new strain of ransomware called BadRabbit is spreading through Eastern Europe. Likely created by the same authors as the Petya/Not Petya ransomware .

Regulator provided a progress made to date to the public and media

The purpose of this briefing is to provide an update on the progress made on the establishment of the Information Regulator (Regulator).

Blog explaining the data breach incident in SA

I’m doing this week’s update a little back to front due to the massive incident in South Africa involving what looks like pretty much the entire population.

Data breach exposes millions of South Africans’ personal records

A huge trove of data, containing the personal information of millions of South Africans, has been discovered by information Troy Hunt.

The quest for a more secure Dropbox alternative

If you use Dropbox, Google Drive, or Yandex.Disk, then you have no doubt appreciated the convenience of always having all of your important files handy on any device.

2017 Midyear Security Roundup: The Cost of Compromise

Major events shook the global threat landscape in the first half of 2017. Our midyear security roundup covers the old and the new.

New Information Regulator receives 107 complaints

SASSA says it is working to improve its biometric payment system to curb unauthorised deductions from the accounts of already cash-strapped recipients.

How Much Will the Data Breach Cost Equifax?

The company is certain to eventually be out untold tens of millions of dollars from the data breach it announced last week.

Uber settles federal agency charges for privacy breaches

Uber Technologies, Inc. has agreed to implement a privacy program and obtain independent audits in the next 20 years to settle FTC charges that it failed to protect consumer and driver data.

Top cybersecurity tips for small businesses.

Small businesses and self-employed people are big targets for hackers, and the financial implications can be crippling. Gone are the days of thinking “It’ll never happen to us.”

Information Regulator meets with the Parliament of Sri Lanka

Information Regulator meets with the delegation from the Parliament of the Democratic Socialist Republic of Sri Lanka.

25 of the most infamous data breaches

Software vulnerabilities, lost hard drives and CDs, malicious insiders, poor security – the UK’s most important data breaches reveal just how many ways data can be put at risk.

Yahoo must face litigation by data breach victims.

A US judge said Yahoo must face nationwide litigation brought on behalf of well over a billion users who said their personal information was compromised in three massive data breaches.

Cybersecurity threats to watch for in 2017

From international data breaches to individual ransomware attacks, threats to computer systems will have an impact on every aspect of modern life. Here are five areas to watch in the cybersecurity field this year.

Report shows increase in data breaches in the first half of 2017

In the first half of 2017, over 6 billion records were exposed through 2,227 publicly disclosed data breaches, according to a July report from Risk Based Security.

Invitation to comment on draft regulations relating to the PoPI.

Invitation to comment on Draft Regulations relating to the Protection of Personal Information. Deadline for comments is 07 Nov 2017.

The Biggest Data Breach Settlement In History

Anthem the U.S based Medical Insurance and Health Care company with a reported turnover of $80 billion and a net income of $2.26 Billion in 2016 has made now made history, but for the wrong reasons.

POPI adds new dimension to personal data protection in SA

The law not only covers people, but ‘data subjects’ or any legal entities that then have the right to have their information protected, says Danie Marais, founder and director of Redstor.

Data Breaches Happening at Record Pace, Report Finds

The number of data breaches in the U.S. jumped 29 percent in the first half of this year, hitting a record high of 791, according to a new report.

Cyber bullying causes digital dilemma at schools

Leibowitz and Riaan van der Berg, technical manager at the Federation of Governing Bodies of South African Schools, discussed cyber bullying in the schooling environment and how schools can protect learners from the threatening epidemic.

2017 Data Breaches – The worst so far

In 2016, reported data breaches increased by 40%. Yahoo also announced the largest data breach in history last year, affecting more than one billion accounts

The 20 Biggest Hacking Attacks of All Time

There’s little doubt that the internet has transformed the modern world as we know it, and mostly in a positive way.

Who am I?’ you ask … ‘We’re not sure’, Home Affairs answers

The Department of Home Affairs is the undisputed custodian of identity. However, identity must be managed within the framework of the Constitution, and the human rights of citizens must be respected and protected.

SASSA vows to curb illegal deductions

The South African Social Security Agency (SASSA) says it is working to improve its biometric payment system to curb unauthorised deductions from the accounts of already cash-strapped recipients.

The employer’s guide to POPI policies

As part of their POPI compliance, businesses must ensure that it complies with the Acts’ 8 conditions for lawful processing of personal information of both individuals and juristic entities.

SA businesses aren’t obligated to tell if your data has been ransomed

With the recent WannaCry and NotPetya attacks, South African businesses are feeling the effects of cyber attacks first-hand, but they may now also have a duty to their customers.

Does complying with the requirement in POPI make you WannaCry?

I often get asked what ‘appropriate security’ is for a particular business. Although this is a really important question, it is equally important that you ask the right person.


This was the topic under discussion at a roundtable hosted by Forcepoint recently. Attendees were taken through data privacy regulation by an IT law consultant.

The Information Regulator published her Strategy 2017/2020

The information regulator published her Strategy 2017/2020 – see link.

Old Mutual targeted in data breach

Financial services company Old Mutual has notified its customers of a data breach, after it detected unauthorised entry to one of its systems which led to some personal customer information being accessed.

PoPI Is coming – Is the hospitality industry ready?

As an industry that deals mainly in credit card transactions,the hospitality industry is a particularly high-yielding target for cyber criminals.

Cost of a data breach dropped 10% globally in 2017 study

Security today announced the results of a global study exploring the implications and effects of data breaches on today’s businesses.

The Information Regulator terms of reference

The information regulator has been setting up the various terms of reference for a few committees which will enable her office manage its duties as set out in both Acts effectively.

SA companies will soon be forced to tell customers of a data breach by law

The official implementation of the Protection of Personal Information Act (POPIA) is set to cause a massive shake up in the relationship between companies and their customers.

Data breaches and cyber-attacks: How ready is your organisation?

Data security and cyber breaches are becoming an almost daily occurrence, as is widely reflected in increased publicity and media reports, which also demonstrate that data breaches are growingin frequency and scope.

The power of PoPI. Know thy information, protect thyself

A home can have the most advanced alarm system, electric fencing and security gates, but these are of little use if a family member is duped into opening the gate and letting a criminal walk straight in.

Data breaches are a part of doing business, protection in encryption

Data has become the lifeblood of modern life as everything from room temperatures and health records to banking details and WhatsApp messages are collected and stored.

The 14th Cape Conference – Lifting the veil on POPIA Compliance

Over 487 million records were leaked in one year. Cyber-attacks, human error, hacking, and data swiped all lead to lives being ruined.

Basic security measures can stop network intrusions

In BakerHostetler’s 2017 Data Security Incident Response Report, we analyzed 104 network intrusion attacks that we helped our clients respond to last year.

Statement from the Regulator on the SASSA debacle

Statement from the Information Regulator on the SASSA debacle.

ITWeb PoPI update 2017

Pétanque International will be at this event with Dr Wim Booyse as a key speaker.

Introducing: South Africa’s first DPA

South Africa’s first data protection authority is in the process of setting up shop, but local legal professionals are skeptical about how well-resourced it will be.

CNIL unveils 2017 inspection program and 2016 annual report

The French Data Protection Authority published its Annual Activity Report for 2016 and released its inspection program for 2017.

Security specialist identifies security breaches in apps

The Pradeo Lab, a worldwide leader in mobile devices and applications security, analysed the mobile applications of 50 of the world’s top 100 banking establishments to identify security breaches.

Cyber-security needs more than rules

Africa’s eHealth’s not strong on cyber-security rules and regulations. They’re essential, but a survey of ICT security experts in the US by Level 3 Communications says they’re not enough.

How fake data could lead to failed crops and other woes

There’s a new cyber threat on the horizon. And it’s fiendishly subtle and potentially very dangerous.

Ster-Kinekor website flaw puts 7 million users’ data at risk

Up to 7 million South Africans have purportedly fell victim to a data leak on a website belonging to local movie theatre chain Ster-Kinekor.

Information Regulator to promote access, protection of personal info

Newly-appointed members of the Information Regulator (South Africa) were introduced for the first time by the Justice and Constitutional Development Deputy Minister, Mr John Jeffery during a media briefing recently.

Privacy of SASSA beneficiary information a concern

A political activist believes citizens should be extremely concerned about how SASSA is treating the personal information of its grant beneficiaries.

Nigerian cyber crime matures, morphs

INTERPOL, security researchers see West Africa cybercrime scene expanding and getting more sophisticated.This is not your parents’ Nigerian scam.

2016: Data breach statistics

The ITRC tracks four types of compromised information: Social Security number, Credit/Debit Card number, Email/Password/User Name, and Protected Health Information (PHI).

ITRC Breach Statistics 2005 – 2016

ITRC Breach Statistics 2005 – 2016.

Yahoo CEO loses bonus over security lapses

Yahoo CEO will lose her cash bonus after an independent investigation into security breaches at the search giant found that senior executives and legal team failed to comprehend or investigate the severity of attacks.

Light at the end of the PoPI tunnel

The Information Regulator has been working hard on draft Protection of Personal Information (PoPI) Act regulations that will soon be tabled in parliament.

Asking the right questions about POPI and compliance

Digital transformation is touching every sector as well as every industry, disrupting the traditional market leaders, value chains and conventional ways of doing business.