Based on a recent report, the Companies and Intellectual Property Commission (CIPC), South Africa’s regulator for business registrations and intellectual property rights, has fallen victim to a major cybersecurity breach. Last week, the CIPC disclosed that an attempted intrusion may have exposed personal information of staff and clients.
After detecting the cyberattack on February 29th, the CIPC took its IT systems offline to investigate and implement repairs. Services like the website, call center, and self-service portal were temporarily unavailable during the outage.
The hackers claim to have exploited a vulnerability in software developed for the CIPC by Sword South Africa. They allegedly accessed all CIPC data, including credit card numbers and passwords stored in plain text. As proof, they provided sample data containing names, ID numbers, addresses, and CIPC passwords of individuals.
Concerningly, the hackers state they can modify company registration records however they wish. They are demanding a $100,000 bitcoin ransom from the CIPC, calling the organization “reckless with sensitive info” and accusing it of trying to cover up security flaws.
Affected clients have been warned to monitor their accounts closely for any suspicious activity. The CIPC data breach highlights the need for robust cybersecurity measures at all levels.
Also Read: Experts Warn of Job Losses in Binance’s Nigeria Exit