Another day, another bundle of information leaked out onto the internet. The latest is the personal information of some 934,000 South African drivers, who could potentially have had their data compromised after it was found on a publicly-accessible web server.
According to website iAfrikan, which has been working with haveibeenpwned founder and security expert Troy Hunt, some 934,000 South African drivers have had personal data, including but not limited to names, surnames, phone numbers and email addresses, ID numbers, and plaintext passwords exposed on an unprotected web server. Outstanding fine information was also left open for viewing.
iAfrikan explained that the anonymous source who tipped them off to the breach said “It [the personal info] was found on a web server belonging to a company that handles electronic traffic fine payments in SA. Was once again a case of someone enabling directory listing/browsing where their “backups” were saved and this just so happened to be part of it.”
Subsequent investigation revealed that the information leaked via online fine payment portal ViewFines, which is where many South Africans go to avoid queues while staying on the right side of the law.
ViewFines has been repeatedly contacted but has yet to comment.
If you’re worried that your information might have been part of the leak, head on over to haveibeenpwned.com and enter your email address. Not only will you find out whether your driver information has been compromised, you’ll also get a list of any other breaches your email address was involved in.
If your data has been exposed, or even if it hasn’t but you’ve used ViewFines in the past, it will pay to change your password as soon as possible. It would also be a good idea to be suspicious of SMS and email messages regarding traffic fines, as well as any phone calls on the subject. For a while, at least. If your phone number, email address, and outstanding fine info are out there, it’d be pretty easy for a scam to start up which attempts to extract cash from those involved.
Source: iAfrikan