Information Regulator warns of hefty fines for data breaches
SHARE THIS PAGE!
The Information Regulator of South Africa (IRSA) says a security compromise could range from a fine of R10 million or an imprisonment of up to 10 years.
This comes as Discovery Insure said the personal information of its clients was compromised to pass its identification and verification screening.
It says it has since sent out formal notifications to its clients to alert them and offer them support, including personal security consultations.
Discovery Insure says its audit and forensic screenings detected a scam in which clients’ personal information was leaked.
It says this was done through an impersonator who most likely obtained clients’ personal information from historical third-party data breaches.
The company says it identified 19 instances where the impersonator passed the verification process, leading to the impersonator obtaining clients’ policy information.
IRSA member, Advocate Collen Weapond, says such a compromise could lead to a fine or imprisonment.
Discovery Insure says it has reported the incident to the Insurance Crime Bureau, the South African Banking Risk Information Centre and the Information Regulator of South Africa.
Advocate Weapond says the regulator has received a notification from the company as per Section 22 of the Protection of Information Act as well.
He says the company must ensure that there is no further security compromise on its system.
Discovery Insure says it has appointed forensics specialists to continue screening its systems. The insurance company also urges all its clients to be vigilant with their personal information.
VIDEO | Information Regulator warns of consequences in Discovery data breach: