Liberty Group hacked, client information breach

June 19, 2018

South African insurance and asset management giant, Liberty Group, was the victim of a hack during the early hours of last Thursday morning, 15 June.

The security breach was confirmed by Thursday evening, and clients were notified by SMS on Saturday. The company then held a press conference on Monday evening.

Liberty Group CEO, David Munro, stated that all possible IT vulnerabilities were being looked into and that security measures were being deployed to manage the breach and protect confidential information.

He said, “We’re taking this one step at a time and we’ve had a team working on this since it was authenticated as a threat.”

Emails and attachments are believed to have been compromised in the breach.

A ransom demand was reportedly made shortly after the hack was confirmed. The perpetrators remain unidentified, and no malicious acts due to the breach have been reported.

According to Andrew Chester, managing director of Ukuvuma Cyber Security: “It most likely happened in one of two ways: it was either an inside job or someone with the correct privileges was hacked, which means that they could have used that person’s permissions to get into the system.”

Chester said it was also concerning that no-one at Liberty Group detected the breach until the hackers themselves informed the company.

He said, “There’s a common saying that you sometimes don’t know you’ve been hacked until law enforcement comes knocking at your door, but in this case, Liberty only found out once the criminals had contacted them.”

This cyberattack is the largest the country has seen since the “Master Deeds” data breach of October 2017.

Because of Liberty’s European stakeholders, this could be the first South African incident to be subject to the European privacy law, the General Data Protection Regulation (GDPR), since its inception on 25 May 2018.

The GDPR requires companies to send out breach notifications to their clients.

Liberty’s stocks have dropped by 5% since the incident, and investors will likely be wary until the issue has been resolved.