The South African Companies and Intellectual Property Commission (CIPC) holds the registration details of companies, co-operatives, and intellectual property rights within a vast database that includes ID numbers, addresses, contact information, and more. The CIPC was recently compromised in a hack that left millions of companies vulnerable.
Richard Frost, Head of Consulting at Armata, points out that the lack of visibility into the stolen information is a real concern, as some of the data should not be in the public domain, much less in the hands of hackers.
“The CIPC site allows organisations and individuals to verify a company using basic information such as the registration number, but the moment you get real information about directors such as their ID and where they live, there is ample opportunity for fraud and identity theft,” he explains. “For example, criminals can order laptops with fake banking information and a fake address using a company's registration and director information. The firm providing those laptops will then chase the company for payment for an order it did not make. Then the company is liable for the costs, not the threat actor.”
In addition to impersonating a director, fraudsters can use the information to email customers of legitimate organisations and claim the company has changed its bank account information. They can provide customers and suppliers with CIPC data that verifies who they are and essentially siphon funds away from the business. Customers will insist they have paid, but the funds have gone to a fraudulent account.
As the extent of the hack emerges, companies need to remain on the alert for at least six to 12 months. This type of attack has a long tail, and organisations need to protect themselves through constant vigilance. The risk is that many companies will not realise they have been targeted until an incident is flagged. This can then cost them significantly in terms of reputational damage, financial loss, and even customers.
“Companies, whether large enterprises or solopreneurs, need to stay close to TransUnion and Experian right now,” says Frost. “You need to see who is opening up accounts in your name. For larger organisations, it is worth taking a leaf out of the financial institution playbook and creating digitally stamped documents to prove that any request or purchase is coming from a legitimate company. Most importantly, though, for companies of all sizes, is to stay close to the credit bureaus so you can quickly catch any unusual activity.”
To mitigate potential customer fallout, companies should contact their customers and highlight the risks, asking them to be aware of any changes in day-to-day interactions and confirm in person if any requested changes are genuine.
“Every single company in South Africa needs to send out an email to customers highlighting the potential risks and giving them insight into how they can prevent them,” concludes Frost. “In addition, individuals need to be aware of fake calls and scams – if a caller says they are from a fraud division, instead of paying or providing personal information, suggest calling them back first. The CIPC hack essentially demands that companies and individuals increase their vigilance across all platforms so they do not fall victim to crime.”
For many companies and individuals, a successful hack or case of fraud can leave them financially destitute, and there are limited legal and governmental protections in place. While this landscape is changing, the best step forward is to be on constant alert to avoid the need to take the CIPC on a long, drawn-out court case or rebuild your business from scratch.
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version