Brazilian hacking group demands $15M after cyber attack on SA's credit bureau, TransUnion

A Brazilian hacker group, N4aughtysecTU, which has claimed responsibility for a cyber-attack on a server of one of South Africa’s credit reporting agencies, TransUnion, is demanding a ransom of $15 million.

The hacking group has also reportedly given TransUnion seven (7) days to pay the ransom in bitcoin.

TransUnion South Africa confirmed the incident, describing the hacker group as a criminal third-party, and said, “we have received an extortion demand and it will not be paid.”

The hackers are reported to have gained access to over four terabytes of compromised data involving customers' ID numbers, banking details, and credit scores.

The company said the hacking group obtained access via the misuse of an authorised client’s credentials. 

“Immediately upon discovery of the incident, TransUnion South Africa suspended the client's access, engaged cybersecurity and forensic experts, and launched an investigation,” the company said in a statement. 

“We believe the incident impacted an isolated server holding limited data from our South African business. We are working with law enforcement and regulators.”

According to South Africa's online daily, the Daily Maverick, the breach affects all South Africans who have taken on credit agreements, regardless of the size of the loan.

“When you enter into agreements with your banks or other financial institutions, credit card companies, auto lenders, utilities or other creditors, you automatically consent to sharing credit and payment history with the credit bureaus. These agreements outline that your account information and payment history will be reported to the credit reporting agencies,” the online publication explained.

TransUnion, a US-founded company, is said to have presence in over 30 countries around the world.