The Information Regulator revealed that TransUnion could face a fine of up to R10 million. Photo: Stock Image / Pixabay
TransUnion could face a fine of up to R10m – Information Regulator
The Information Regulator explained that TransUnion has to comply with eight conditions in terms of protecting personal information.
The Information Regulator revealed that TransUnion could face a fine of up to R10 million. Photo: Stock Image / Pixabay
TransUnion has been making national headlines after news broke that it has been hacked. The Information Regulator has recently revealed that there are ongoing engagements with TransUnion representatives.
TransUnion and Information Regulator hold talks
The Information Regulator’s talks with TransUnion are to assess the data breach and discuss possible solutions to the unexpected matter. Advocate Collen Weapond of the Information Regulator explained that TransUnion could be fined.
Weapond stated that the credit bureau could have to fork up a whopping R10 million. Weapond explained that there are eight conditions regarding the unlawful processing of personal information that is entrusted to any party.
TransUnion has a list of conditions to comply with or face repercussions
Weapond went into detail through an interview with eNCA where he explained that TransUnion is supposed to comply with the eight conditions. He revealed that failing to do so could result in the Information Regulator investigating and giving out a fine of R10 million or up to 10 years in prison.
“Responsible parties including TransUnion are supposed to comply with those conditions. Failure which could result with the regulator investigating the security compromise which can result in a fine of up to R10-million or imprisonment of up to 10 years or compilation of both in terms of section 1/7 of the Protection of Personal Information Act.”
Advocate Collen Weapond, Information Regulator
Investigations are ongoing
Weapond shared that TransUnion has been in talks with international negotiators to assist them with speaking to the hackers. They also hope to approach international agencies to assist them as the hackers are outside of South Africa.
“Investigations are continuing. Information regulator was informed and gave constructive engagement to extend that we agreed on the way forward,” said Weapond.
Credit bureau confirms ‘extortion demand’
TransUnion South Africa confirmed that a “criminal third party” gained access to one of its servers. A hacker group has reportedly claimed responsibility for the hack and the company said it will not meet their ransom demands.
TransUnion, which is one of the country’s largest credit bureaus, said the hackers gained access to its server through misuse of an authorised client’s credentials.
The American company has a presence in more than 30 countries around the world.“We have received an extortion demand and it will not be paid,” said the company in a statement on Thursday. Read the full story here.
