Cell C, the fourth-largest mobile network operator in South Africa’s telecommunications sector, has confirmed that sensitive data from its systems was leaked on the dark web following a cyberattack that occurred last year.
The breach, attributed to the cybercriminal group RansomHouse, reportedly compromised approximately 2TB of company data.
Cell C acknowledged that unauthorized access was gained to certain portions of its IT infrastructure, potentially exposing the personal information of many of its 7.7 million subscribers.
According to a statement released Wednesday, the compromised data includes highly sensitive personal information such as full names, contact details, identification numbers, banking information, driver’s license numbers, medical records, and passport details.
“Cell C is aware that data compromised in the recent cybersecurity incident has been unlawfully disclosed by RansomHouse, the threat actor claiming responsibility. This follows a previously reported incident involving unauthorised access to unstructured data in some parts of our IT environment,” the company said.
“We understand the seriousness of this development and deeply regret the distress or concern it may cause,” Cell C CEO Jorge Mendes wrote in a letter addressed to customers.
The company has urged affected individuals to remain vigilant against phishing attempts and possible identity theft now that the data has been published by the attackers.
The telecom provider has not disclosed whether a ransom was demanded or if any negotiations took place with RansomHouse. However, the company stated it is working closely with international cybersecurity and forensic experts while cooperating with relevant authorities to address the situation.
Additionally, Cell C has implemented monitoring systems to track potential misuse of the leaked information.
“As part of our commitment to safeguarding the interests of our stakeholders and full transparency, Cell C has set up an Information Hub, www.worldofcellc.co.za/information-hub, where stakeholders can access tips on protecting themselves against cybercrime, support and actions to protect against fraudulent activity, as well as frequently asked questions on the cyber incident,” the company stated.
RansomHouse, which emerged in March 2022, employs a distinctive approach to cybercrime. Rather than encrypting victims’ data, the group threatens to publicly release all exfiltrated information.
RansomHouse presents itself as a “force for good,” claiming to expose vulnerabilities in corporate security systems.
This isn’t RansomHouse’s first high-profile attack. The group has previously claimed responsibility for breaches affecting major organizations including Advanced Micro Devices (AMD), Shoprite Group, and the Saskatchewan Liquor and Gaming Authority.