Major Data Breach at South African Telecom Provider Cell C Following Cyberattack
Discover the details of the recent data breach at South African telecom provider Cell C. Learn about the impact, the response, and the implications for cybersecurity.
TL;DR
South African telecom provider Cell C confirmed a data breach following a 2024 cyberattack by the RansomHouse group. The breach compromised sensitive customer data, including full names, contact details, ID numbers, banking information, driver’s license numbers, medical records, and passport details. Cell C has taken swift action to contain the breach and support affected stakeholders.
Major Data Breach at South African Telecom Provider Cell C Following Cyberattack
Cell C, the fourth-largest mobile network operator in South Africa, has confirmed a significant data breach following a cyberattack by the RansomHouse group in 2024. The company, founded in 2001, offers a range of services including prepaid and postpaid mobile plans, data bundles, internet services, fiber broadband, roaming, international calling, SIM-only plans, and device deals.
Details of the Data Breach
The RansomHouse cyberattack resulted in the theft of 2 TB of data, which has since been leaked on the group’s dark web site. The compromised data includes:
- Full names
- Contact details
- ID numbers
- Banking information
- Driver’s license numbers
- Medical records
- Passport details
Cell C acknowledged that threat actors gained unauthorized access to some of its IT systems. In a statement, the company confirmed:
“Cell C is aware that data compromised in the recent cybersecurity incident has been unlawfully disclosed by RansomHouse, the threat actor claiming responsibility. This follows a previously reported incident involving unauthorized access to unstructured data in some parts of our IT environment.”
Cell C’s Response to the Cyberattack
Cell C has taken immediate action to contain the cyberattack, secure its systems, and mitigate the impact. The company has engaged top cybersecurity and forensic experts, informed the relevant authorities, and is actively supporting affected stakeholders. Additionally, Cell C is monitoring for potential data misuse and urging vigilance against fraud, phishing, and identity theft. The company has also shared fraud prevention resources, including guidance on registering with SAFPS for extra protection.
About RansomHouse
RansomHouse is a data extortion group that has been active since December 2021. Unlike other extortion groups, RansomHouse does not encrypt data but focuses on data theft to expedite its activities. Notable victims include AMD and Keralty. The group shames non-payers by leaking data, making backups insufficient for protection. Intrusion Prevention Systems (IPS) are recommended for defense against such attacks1.
Cybersecurity Threats in the Healthcare Sector
American hospitals are prime targets for threat actors due to the sensitive data they manage. In 2024, ransomware attacks on U.S. healthcare providers surged, with 98 attacks compromising 117 million records. High-profile breaches include:
- Change Healthcare (100M records)
- Summit Pathology (1.8M records)
- OnePoint Patient Care (796K records)
- Boston Children’s Health Physicians (909K records)
These attacks often result in system lockdowns, forcing hospitals to switch to manual processes2.
Previous Data Security Incidents
In 2023, Loretto Hospital experienced a data security incident where a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The footage was removed, and the hospital identified and notified the impacted individuals, offering guidance on protecting their information3.
Conclusion
The data breach at Cell C highlights the increasing threat of cyberattacks and the importance of robust cybersecurity measures. As organizations continue to face such challenges, it is crucial to stay vigilant and implement effective security protocols to protect sensitive data.
References
For more details, visit the full article: source
Additional Resources
For further insights, check: