Sensitive data on businesses and individuals in South Africa remains at risk following a recent cyber attack on the Companies and Intellectual Property Commission (CIPC).
The CIPC, which manages the registration and intellectual property data of the nation’s businesses, has shared little specific information about what data was exposed in this month’s cyberattack. The agency he told South African media that the attack that compromised the personal data of employees and its customers was “isolated” and that it was taking steps to “ensure that CIPC systems and platforms are protected from illegal and/or unauthorized access and abuse and remain available to our customers for transactions.”
Meanwhile, security experts are raising the alarm over a lack of details about the data exposed in the attack and the consequences of the compromise. “The lack of clarity about the type of data stolen is a major concern,” said Richard Frost, head of consulting at Armata. he told Biz Community. “Some of this information should never be available to the public, much less in the hands of hackers.”
Personal information about CIPC directors as well as other sensitive data could be subject to abuse, he noted. “Every single South African business should be reaching out to their customers,” Frost said. “Highlight the risks, explain preventative measures and encourage them to check for any suspicious requests.”