On Wednesday, 19 August 2020, there was a data breach at one of South Africa's leading credit bureau's.

Your all-in-1 guide to protecting against & understanding a data breach

Jan 14, 2021
Author: Ean Barnard

What exactly happened?

On Wednesday, 19 August 2020, there was a data breach at one of South Africa's leading credit bureau's.

According to the credit bureau, "[we] are continuing to investigate an isolated incident in South Africa involving a fraudulent data inquiry. Our investigations indicate that an individual in South Africa, purporting to represent a legitimate client, fraudulently requested services from Experian. The services involved the release of information which is provided in the ordinary course of business or which is publicly available."

You can read more about the data breach directly at the credit bureau's newsroom here.

Below is an excerpt from the credit bureau:

"Regarding consumer information, we can confirm that no consumer bureau records, credit, or consumer financial information were obtained. The various reports citing banking data customers' bureau profile data being released, or large volumes of consumer banking information being obtained, are not accurate. The information returned on consumers was limited to contact information and employment information."

What is a data breach?

A data breach is when information is stolen. This is because the personal information (of one or many people) is taken from a system (like a credit bureau's database), without their knowledge or authorization. This can happen when someone hacks the system, or when someone poses as an authorized person who has access to the information and asks for it. In some cases, it can also be leaked from an internal source to the public.

Stolen data can be sensitive, proprietary, or confidential information such as your address, credit card numbers, banking details, other customer data.

What do you need to look out for when something like this has happened?

There are a couple of things hackers or data stealers can do you with your personal information once a data breach has happened.

The best-case scenario? Spam. Lots and lots of spam.

This is because the person who stole your information wants to submit your details into different financial marketplaces as a lead and get the commission from the companies who sell you the financial products! Sucks right? In our PDF guide getting released on Monday, we will give you some great ideas for kicking spam back in the teeth!

Below are some bad-case scenarios you need to look out for after a breach has happened.

Top tip before reading: Don't panic! Just be prepared. Even if your information is misused, access to your banking details is still very difficult to get.

ID cloning

People will clone your ID to use in applications for financial products. Some companies, stores, or shops are lazy with their ID verification, and you could end up with some basic store cards, credit cards, and other basic financial products.

Fake verification calls and SMS

It is always best to question why verification is suddenly needed for something related to your personal finances. The rule of thumb is, if you're not busy with your personal finance or digital banking profile, there should be no reason why someone suddenly needs to verify you!

The unexpected on your credit report

In a time like this, some unwanted financial products might end up on your credit report. The reason is not always clear on why people do this, but one thing is certain - your credit health will suffer because of it.

Take action: Get your latest report and make sure no financial applications have been made.


What else can hackers do with your personal information in worst-case scenarios?

  • Answer your security questions on calls with the bank.
  • Know the value of your assets like your car and where it stays. This creates opportunities for hijacking or stealing.

Take action: You need to be wary during a time like this. Keep an eye on your bank statements, your accounts, and your assets. Most of the time just being aware and present will scare off any hacking efforts.

What 3 tips can you apply to protect yourself?

1. First things first - check your credit report

This is a super quick and fun action step you can take to see whether there have been any recent efforts made on your financial profile. Any credit-related application will show up here as a request!

If there's anything suspicious, phone the company immediately to report the fraud.

While you're there, you might even find some other weird and (sometimes) wonderful things you never about! This is a great time to inspect your credit health and make improvements.

2. Change your password already

We are all guilty of lazy password practices! But now is a time for action, so when you reach the full stop in this sentence, go and change your passwords and then continue reading.

... And welcome back. Now store those passwords in a (safe) place where you can get them if you forget a password.

These are great ways of storing passwords safely:

  • Password keepers
  • Authenticator tools
  • Touch ID sensitive devices
  • Two-factor authentication storage

They are not unbreakable but will keep the thieves aways most of the time!

Password tips: Keep them unique, use account-specific passwords, include numbers and special characters, don't write it in a generally accessible notepad.

3. Online or digital payments need to be done safely & securely

People are finally buying online without looking behind a computer for the trap. Even though it's great to participate in the online economy without constant skepticism, you should still be very aware of the payment and banking portals you are using.

When you shop online or access your personal finance accounts online, make sure you check the following things:

  • Don't operate on an open wi-fi network
  • Make sure the payment portal is trustworthy and used successfully by many people (a quick google search does the trick)
  • Make sure the website where you type in your personal details or card details is actually secure (does it have an "s" next to the "http" for example?)
  • More than one or two website "redirects" is a clear warning sign!

We hope the few tips above will help you out! On Monday, we are releasing more resources to help you fight the world of digital scams and spams!

Why you should get your next credit report from us?

If one credit bureau fails you, that's okay, it happens! On our myFincheck platform, you get your first one for free, and after that, we've got 3 credit bureaus you can choose from every time you buy a credit report!

Get yours by clicking below.


Relevant Articles


About Us In The Press Blog & News FAQ's Contact Us Terms & Conditions Privacy Policy

Fincheck is a financial comparisons website that organises information to assist the borrower in making their best financial decision.

Fincheck gathers information from numerous banking partners and presents it to the borrower in a simple, understandable way. Lenders benefit from an additional market place and extensive customer reach. Loan amounts vary from lender to lender. Fees, interest rates, loan amounts and credit scores influence the repayment terms. Lenders require personal details to control their risk and assist the government to combat theft, money laundering, terrorism. Fincheck does not endorse any particular product or company. We are an independent company. The information shown and provided is an opinion, based on numbers and must not be seen as advice or consultation.