From the editor's desk: Waiting for PoPI

Issue 7 2020 News & Events

A while ago we heard of yet another cyber breach, this time from Experian. If you read the Hi-Tech Security Solutions’ article online (www.securitysa.com/11231r), you wouldn’t have been too perturbed as the company claimed to have it under control.

Nothing to see here, move along ( https://www.youtube.com/watch?v=5NNOrp_83RU, or you can use the short URL www.securitysa.com/*move). More recently we heard that personal information of millions www.securitysa.com/*move of South Africans has been found online from the Experian breach.

So the question is whether the company knew how bad the breach was and covered it up hoping nobody would notice, or were they simply unaware of the extent of the breach? Either option is unacceptable. Given the business of Experian, it holds data that is extremely personal and can be used for identity theft.

What identity theft means in the real world is that whoever has your details – including your ID number – can open an account in your name, take out a loan, get married and so on, all in your name. They also have brilliant information to use to send you an email that looks like it comes from your bank, or to call you and claim they are your bank, giving you enough personal information to make you believe them since your bank is trustworthy and certainly wouldn’t be sending your personal details to anyone else.

While the individuals at Experian are probably feeling sorry for themselves right now, the real victims of this crime are you and me. We have no recourse against these financial companies and no matter what happens they will blame their customers and make it close to impossible to recover all the losses one may suffer from identity crime.

One fine day in 2021, the PoPI Act will allow the Information Regulator to investigate these types of breaches and impose fines or more. Although we have to wonder if that will ever happen according to the law or only to selected politically convenient targets. Law enforcement in general in South Africa is not a top priority; can we expect cyber law enforcement to be any different?

Unless executives are actually jailed they will simply pay a fine and pass the costs along to the customer – you. You can’t expect these important people to miss out on a bonus. That wouldn’t be fair.


In case you missed the sarcasm above: yes, banks would share your information under the guise of sharing it with third parties.

I apologise, I mean trusted third parties, like Experian.

Andrew Seldon

Editor


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From the Editor's desk: Apathy is a cybercriminal
Technews Publishing News & Events
      Welcome to SMART Security Solutions’ first print publication of the year, the SMART Access & Identity Handbook 2025. This year’s print issue is smaller than usual, so we include some articles in the ...

Read more...
Federated identity orchestration
Technews Publishing SMART Security Solutions Editor's Choice Access Control & Identity Management Security Services & Risk Management AI & Data Analytics
Understanding exactly who resides at the end of a digital device is key, and simple identity number verification by the Department of Home Affairs is no longer a viable solution on its own.

Read more...
Managing identities for 20 years
Ideco Biometrics Technews Publishing SMART Security Solutions Access Control & Identity Management Integrated Solutions IoT & Automation
Many companies are now more aware of the risks associated with unauthorised access to locations and sensitive data and are investing in advanced identity authentication technologies to mitigate these threats.

Read more...
Balancing security and ease-of-use
Technews Publishing SMART Security Solutions Access Control & Identity Management Security Services & Risk Management
Fraud incidents have financial repercussions and erode consumer trust, leading businesses to become more aware, though this awareness does not necessarily translate into confidence in their identity authentication processes.

Read more...
Identity and authentication
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security Security Services & Risk Management
Identity authentication is a crucial aspect of both physical security and cybersecurity. SMART Security Solutions obtained insights into the topic and the latest developments from three companies.

Read more...
Integration and IoT made easy
Technews Publishing SMART Security Solutions Access Control & Identity Management
The security industry is built on silos, be it surveillance, access control, alarms and others, but integration has become a critical issue in recent years. SMART Security Solutions speaks to Integr8 Systems about its local hardware and software.

Read more...
Mobile credentials taking off
Technews Publishing SMART Security Solutions Paxton Secutel Technologies Access Control & Identity Management
Mobile smartphone access is becoming more common, with use cases ranging from Bluetooth, NFC (Near-Field Communication), or QR codes to manage secure access to commercial and personal locations.

Read more...
SMARTpod talks to Armata’s Richard Frost
Technews Publishing SMART Security Solutions Videos
SMARTpod, the podcast by SMART Security Solutions, recently spoke to Richard Frost from Armata about the company's new 'all-in-one' cybersecurity bundle designed to relieve cyber stress in the SMB market.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...