Identity documents and contact details exposed in Vodacom fiber reseller data breach

Vodacom has warned customers who have purchased Vodacom Fiber subscriptions through marketing agency Real Promotions that a data breach has compromised their personal data.

In an email sent to affected customers on Wednesday, August 17, 2022, the company said an unauthorized party accessed the agency’s servers.

“Real Promotions has informed us that the information accessed includes first and last name, email address, ID number, copy of ID, mailing address and ‘physical address,’ Vodacom said.

The exposure of copies of identity was also one of the consequences of a recent cyberattack that led to Shoprite’s customer data be posted on the dark web.

Vodacom said Real Promotions shut down access to the compromised server after the breach was discovered and was monitoring its systems for further unauthorized activity.

It also appointed independent cybersecurity forensic specialists.

“Real Promotions has assured us that they have since resolved the issue and that every step has been taken to ensure that no one else can access this information from their server,” Vodacom spokesman Byron Kennedy said. , at MyBroadband.

“Vodacom and Real Promotions have reported the incident to the news regulator and remain committed to working with the appropriate authorities.”

Kennedy said no passwords were exposed and all information relating to other Vodacom services was safe.

“No Vodacom or Vodacom Fiber systems have been compromised or are at risk as a result of this incident,” he said.

“We have nonetheless urged affected Vodacom Fiber customers to be particularly vigilant online, by email and if they receive any unexpected phone calls.”

“We will let affected customers know if there are any further actions we recommend they take.”

On its website, Real Promotions lists several other ISPs to which he provided promotional services or represented, including Cell C, Mweb and Telkom.

Other clients include Afriderm, Converse, Mor Energy and Tru-Cape.

However, this list may no longer be relevant, as some of the companies on it – such as Neotel and Virgin Mobile – have changed names or no longer exist.

MyBroadband has contacted Real Promotions for comment on the scope of the breach, but did not provide further information at the time of publication.

Read now: Twitter helped South African police track down instigators of July riots