POPI – The impact of the latest data leak

Details of the POPI leak

Millions of South Africans have had their personal information exposed, 66 million people at the last count.  Some of these include information of deceased people and a significant number are those of young children and teenagers.  It is not known exactly how long the information has been public, but the latest information is that the data was purchased in 2014 and includes both personal and special personal information such as email addresses, occupations, addresses, ID numbers, employer information, income and mobile numbers.  We look at the POPI impact of this leak.

How did this POPI leak occur?

The fact that all of this information was ‘sold’ by one company to another, who then kept the information on a server accessible to the public without the necessary security is the very reason it is critical that the Protection of Personal Information Act is enacted as soon as possible. It is disturbing to know that our most private information is collected and shared without our knowledge!  We require laws and regulations to protect us from situations like these when in fact our private information should be respected as a basic human right.

The largest POPI leak since our democracy

Information on privacy leaks and breaches by companies in South Africa have been hidden from the public, as there has not been a requirement to disclose these breaches. So, whilst this is being branded as “the largest breach since our democracy”,  there is no knowledge on whether this breach is just one of many. The good thing is that it has received significant attention and therefore will hopefully speed up the implementation of the Protection of Personal information.

How does the POPI leak impact you?

Another consideration is whether there were only South African citizens information that was exposed or whether individuals who are also citizens of other countries were involved and whether the privacy requirements of those countries have been breached.

But what is the fuss all about, why should personal information be protected?

  • The email addresses that have been gathered could be used by hackers to send malicious email links to individuals exposing them to financial, security and reputational risk.
  • When multiple personal data fields are exposed it allows criminals the ability to impersonate people or completely take on their identity and expose them to financial, security and reputation fraud.

Who is investigating the POPI data leak?

The Information Regulator who is responsible for ensuring that companies and individuals comply to the ‘Protection of personal information act’ has commented that a leak of this nature has put South Africa in disrepute and a compromising position, and will be investigated by the regulator, home affairs and the police.

on’t get caught off-guard!  Contact us today for a quick assessment.  

Click here to have a look at the POPI services we offer.  

POPI Impacts each and every one of us!  Are you ready?