South Africa has suffered its largest data breach to this date.
Millions of personal records of citizens with South African 13-digit ID number, have been leaked to the internet. The breach was first revealed by security consultant, Troy Hunt.
Hunt is also the founder of Have I Been Pwned?, an online service which allows people to check if their account, email address or username, have been compromised in any data breach across the globe.
"I typically receive many files relating to data breaches daily but what struck me about this one was that it was 27GB in size," said Hunt to iAfrikan.
The data, sent to Hunt in a file titled masterdeeds.sql. After observing it, he saw that it contains information ranging from ID number, age, marital status, income, race group, company directorships held (and previously held), employment details, and also property ownership information.
From that massive database, Hunt imported about 30 million unique records into the MySQL database. He saw that the database file was last modified in March 2017, and include both deceased and alive people in South Africa, dating back to the late 1990s.
Hunt also confirmed that the dataset contains 2,257,930 unique email addresses, which is a small percentage compared to the total unique records in the dataset.
The data was said to be hacked from either the credit bureau, a data aggregation company, or a digital ID/FICA repository company. And because it's available on the internet, it's likely to be traded somewhere.
Hunt queried the data of people who granted permission for him to do so, and the results were legitimate.