Close to a million (934,000) personal records of South Africans have reportedly been publicly exposed online, following what appears to be a governmental leak.
According to a report by iAfrikan journalist Tefo Mohapi and ‘Have I been pwned‘ analyst Troy Hunt, the data includes, among others, national identity numbers (ID numbers), e-mail addresses, full names, as well as plain text passwords to what appears to be a traffic fine-related online system.
Mohapi said the data was backed up or posted publicly by one of the companies responsible online payments of traffic fine in South Africa.
“This is yet another reminder of how far our data can spread without our knowledge. In this case, in particular, the presence of plain text passwords poses a serious risk because, inevitably, those passwords will unlock many of the other accounts victims of the breach use.
“This one incident has likely already led to multiple other breaches of online accounts due to that reuse,”said Hunt, quoted by iAfrikan.
Posting on Twitter, Hunt said that leak will be uploaded to his website shortly, allowing South Africans to check if they have been affected by the breach.
This marks the second major breach in just under a year, with over 60 million South African exposed in a similar data breach in 2017.
It was recently reported that 96,000 South Africans were also affected by the recent Cambridge Analytica breach.
The Department of Transport was asked for comment, but had not replied at the time of writing.