A Brazilian hacking group known as “N4ughtysecTU” has confirmed breaching TransUnion South Africa.
The attackers stated that they breached the poorly secured TransUnion SFTP server by allegedly using the password “Password.”
After breaching the server, the attackers stole data containing roughly 54 million customers mainly from South Africa.
The hackers stated that the ransom demand was set to $15,000,000 in Bitcoin. They threatened to demand an “insurance” payment from TransUnion’s customers if a ransom was not paid. TransUnion has confirmed that it will not pay the ransom fee.
The “insurance” payment was pegged at $1,000,000 for large organizations and $100,000 for small organizations.
Customers who pay will therefore be exempted from the stolen data to be published online.
TransUnion customers in South Africa are advised to remain calm and reported any suspicious activities to the authorities.
For more information, read the original story in BleepingComputer.