What Happened
TransUnion South Africa was targeted in a cyber-attack where a criminal third party, calling themselves N4ughtySec, obtained limited access to a TransUnion South Africa server through misuse of an authorised client’s credentials.
The criminal third party aggregated and released samples of data allegedly obtained from TransUnion South Africa with other sources of data, including at least 54 million records unrelated to TransUnion from data breaches dating back to 2017. With the help of outside experts, we reviewed this data as quickly as we were able to safely access it.
Immediately upon discovery of the incident, TransUnion South Africa suspended the client’s access and appointed a world-leading forensic firm to lead our investigation. We continue to work closely with South African regulators and law enforcement agencies in South Africa and the US.
Potential Impact
The TransUnion South Africa team has worked closely with external experts to understand what data was affected. Our understanding is that data relating to up to 5 million consumers was potentially affected by the incident with a further 5.2 million consumers having had only ID numbers affected, but with no personal information linked to the ID number. For businesses, a total of 600,000 organisations were potentially affected by the incident.
Fields of information that may have been affected include:
Access to personal or business information can create opportunities for criminals to impersonate you or your business but does not guarantee access to your / your business’s banking profile or accounts. However, criminals can use this information to trick you or your employees into disclosing your confidential banking details. This could potentially be used by third parties in various ways to commit fraudulent scams, such as application fraud or the changing of banking details via an email compromise.
How to Protect Yourself / Your Business
We appreciate that situations like this can create uncertainty and we want to support you or your business through any concerns you may have. Where contact information was available, we directly contacted (by email or text) the individuals and businesses who were known to be potentially impacted.
We have made identity protection products available to individuals and businesses whose information was illegally accessed from TransUnion South Africa.
Over and above the direct notifications, we published notifications of the security compromise to impacted consumers and businesses on radio stations, newspapers and via social media channels broadcasting in each official language and covering all nine provinces in South Africa. If anyone is uncertain of a communication that appeared to come from TransUnion, we recommend visiting our website by typing in the following web address: www.transunion.co.za site.
If you receive a message that asks you to provide personal or business information directly to the sender, or that directs you to a website other than the www.transunion.co.za site, it may be a fraud attempt. Please be vigilant of phishing attacks and remember that a TransUnion representative will never ask for your or your business’s banking details, bank PIN or user login password.
We would encourage you or your business, as a precaution, to follow these security recommendations:
Regularly reviewing your credit report is a great way to check your credit data, and guard against identity theft and financial fraud.
Measures Taken by TransUnion
TransUnion believes responsible data stewardship is fundamental to our mission. We continuously look for ways to further strengthen our defences against unauthorised access of any kind to our systems or data. Our focus remains on ensuring we comply with the most current privacy regulations and that we are able to meet or exceed business’ and consumers’ evolving security and privacy expectations.
Alongside our investigation, we have reviewed and evaluated our systems and processes to ensure we have the highest standards of security in place across all of our operations. We continue to work closely with regulators and law enforcement bodies, and we are consulting key industry and trade associations in our continuous efforts to evolve our security posture and ensure high security and privacy standards. We have been proactive in reviewing and evaluating all of our systems, including a forced password reset to ensure clients comply with our password complexity policy.
Investigation Update
As our investigation continues, our teams have been working alongside multiple regulatory, law enforcement and industry bodies to ensure we maintain as full and comprehensive an understanding of the potential impact on all of our consumers, businesses and suppliers as possible.
We are working closely with South African regulators and law enforcement agencies in South Africa and the US. As is common with criminal attacks of this nature, it is not always possible to identify who is responsible for this malicious conduct. Alongside these agencies, our investigation is supported by our external industry security experts.
An investigation of this nature is likely to take several weeks and we will continue to share information with all law enforcement agencies to support their ongoing criminal investigation. Should we identify the suspect, we will work with law enforcement agencies and disclose the identity of the suspect only if law enforcement agencies think that it is appropriate.
The protection of the information we hold is a top priority for TransUnion, and we sincerely regret any inconvenience or concern this incident may have caused you or your business.
Top 6 FAQs
1. Update: South African Cyber Incident
What type and volume of data was affected by this incident?
Was my or my business’s data affected?
What are you doing to notify and assist people and organisations whose data is affected?
What steps can I take to make sure I’m not (or my business is not) a victim of fraud?
If my TransUnion data was affected, how do I subscribe to the free one-year subscription to TrueIdentity?
If my business’s TransUnion data was affected, how do I subscribe to the free subscription to the Business Credit Alerts and Reports Service which has been offered until December 2023?
Why does TransUnion require documentation from me when I try to subscribe to the free TrueIdentity service I received due to my personal or business information being impacted?
How do I know that the text or email I received about this incident is genuinely from TransUnion?
I received the same notification as a friend/colleague/family member, but the link to the TransUnion website differs from theirs. I am confused and unsure which one is authentic. Why did I receive a different URL?
I received a message from TransUnion Identity Monitor stating my personal information has been discovered on the dark web. What does this mean, why did I receive it, and what should I do?
I have received multiple alerts from TransUnion since the cyber incident and signing up to TrueIdentity. I am confused as some are credit alerts and others dark web alerts. What is the difference, and should I be concerned?
What is the dark web?
If I receive a suspicious message from someone claiming to have my data and trying to access my bank account, what should I do?
I have recently had fraud on my account. Is this due to the TransUnion cyber-attack?
2. How do I log a dispute to correct information on my credit report?
You can log a dispute online by following these steps:
You can track the progress of you dispute or query by clicking the “Dispute summary” tab on your dashboard.
You can call 0861 484 482 and select option 2 to log a dispute.
3. Why is my credit score low?
4. Does a good TransUnion score ensure I’ll get credit from a lending institution?
It will help, but it’s not a guarantee.
For example, if you’re applying for a loan to buy a home or car, or an increase in your credit limit, your credit score can serve as a guide to lenders. It’s one of many factors they’ll consider when making a decision. Also, different lenders use different factors to assess credit applications.
If you have a good (high) credit score, it means your credit report has information that shows you’re low risk and more likely to meet the repayment terms. You tend to be seen as a reliable borrower who will repay credit on time, which makes you more appealing to lenders. A good credit score means your application is more apt to be accepted, but it’s not a sure thing.
TransUnion is not responsible for the decisions lenders make based on your credit score.
5. How do I get my credit report?
There are two credit reports available to you:
6. Why are my personal details wrong on my credit report?
TransUnion gets the information used in your credit report from different institutions. It’s up to you to make sure your contact details are correct. If they aren’t, use te Dispute/Query option to ask us to update them: [see point 1 for this process]
General FAQs
What does a payment holiday mean?
A payment holiday is an agreement between you and your lender allowing you to temporarily stop or reduce your monthly repayments on an existing credit agreement. Lenders have different approaches to payment holidays so please speak to your lender about what’s available to you, the implications, as well how you should go about applying.
What payments qualify for payment holidays
Lenders have different approaches to payment holidays ranging from reduced monthly payments, deferred full payments through to extending the number of installments (the term) on the original credit agreement. Please speak to your lender about their payment holiday approach, which of your payments qualify, the implications for you as well as how you go about applying.
How long do payment holidays last for?
Lenders have different approaches to payment holidays. Please speak to your lender about their payment holiday approach, including the duration options on offer.
How do I apply for a payment holiday?
Lenders have different approaches to payment holidays. Please speak to your lender for more information on the application process that you should follow.
What does a payment holiday mean for my credit score?
A payment holiday is intended to assist consumers in preventing them from defaulting. Should you be granted a payment holiday, your lender will provide the credit bureau with the appropriate information to correctly identify your payment holidays against your specific accounts. This information is taken into consideration when reviewing your credit score. It is important to note that lenders make lending decisions on additional assessments over and above your credit score when granting new credit or extending credit limits.
How will a payment holiday reflect on my credit report?
As long as a deferred payment date (which will be future date) is supplied by your lender to the credit bureau, your account will reflect as updated until such time the payment becomes due and payable. The deferred payment date will reflect on your credit report for each account that is deferred or where the term is extended. Please obtain your latest credit report from transunion.co.za
What should I do if I can’t honour my payments?
You should immediately contact your lender to make an alternate arrangement with them. Proactively managing your obligations to lenders will allow you improve and sustain your overall financial health.
What happens if I don’t make the full payment, but pay a portion of it?
In order for the reduced payments to not reflect negatively on your credit report, you need to make sure that you follow the proper application process with your specific lender. The lender will then submit this information to the bureau to update on your profile showing that you are on a payment holiday.
Can I claim against insurance if I am unable to make my installments?
Most lenders require you to take out credit life insurance when you apply for credit. Check your specific insurance policy to see if your specific policy allows you to claim.
What happens if I have a dispute during the lockdown period?
The credit bureau dispute teams continue to operate and you can still log your dispute online. Disputes will still be managed within the current 20 business day resolution timeline, however due to not all businesses operating during the lockdown this may allow for updates past this period.
Can I still access my credit report during the lockdown period?
During this Covid-19 lockdown, all credit bureaus are providing consumers with free access to their credit report. Please access your free annual credit report.
How can I protect my credit health?
We understand that you may be facing some tough financial choices right now. We encourage you to pay what you can to avoid late payments on your credit report. If you can’t make minimum payments, we recommend you talk with your lenders to find out if they’re offering any assistance. Please access your free annual credit report, so that you can better under your current financial health.
What is a Credit Report?
Your credit report is a record of your credit activity and credit history. It includes the names of companies that have extended you credit and/or loans, as well as the credit limits and loan amounts. Your payment history is also part of this record and can show how you positively manage your accounts. If you have delinquent accounts, are under debt counseling or administration, or you have been sequestrated, these can also be found in your credit report.
What does COVID-19 mean for my credit score and credit report?
We understand that you may be facing some tough financial choices right now. We encourage you to pay what you can to avoid late payments on your credit report. If you can’t make minimum payments, we recommend you talk with your lender to find out if they’re offering any assistance. Please access your free annual credit report, so that you can better under your current financial health.
What does the national lockdown mean for my credit score and credit report?
Banks and other financial institutions are classified as essential services and continue to operate during this period. Talk to your lender to understand what options they have available to assist you. TransUnion will also continue to provide consumers with their credit reports during this period to help you understand your financial position. Please access your free annual credit report, so that you can better under your current financial health.
What does the corona virus mean for my credit score and credit report?
Just like your physical health, your financial health is key. Away try to pay what you can to avoid late payments on your credit report. If you can’t make minimum payments, we recommend you talk with your lenders to find out if they’re offering any assistance. Please access your free annual credit report, so that you can better under your current financial health.
What should I do to protect my credit score during the lockdown?
We understand that this is a very uncertain time for everyone. You should however always try to pay what you can to avoid late payments on your credit report. If you can’t make minimum payments, we recommend you talk with your lender as soon as possible to find out if they’re offering any assistance and how that can benefit you. Please access your free annual credit report, so that you can better under your current financial health.
I am worried that the Covid-19 lockdown is going to affect my ability to earn and income. What should I do to protect my credit score?
We understand that you may be facing some tough financial choices right now. We encourage you to pay what you can to avoid late payments on your credit report. If you can’t make minimum payments, we recommend you talk with your employer and your lender to find out if they’re offering any assistance. Most lenders also require you to take out credit life insurance when you apply for credit. Check you have insurance as well as what your specific policy allows you to claim for.