On May 1st, South African pharmacy retailer Dis-Chem became aware that they had suffered a data breach that affected over 3.6 million customers. The breach stemmed from a third-party managed services provider that developed the database where the information was stored. While looking further into the issue, Dis-Chem stated that information such as first name, surname, email addresses, and cell phone numbers were accessed. Dis-Chem made a statement regarding the information that was accessed: “Based on the categories of personal information impacted, there is a possibility that any impacted personal information may be used by the unauthorized party to commit further criminal activities, such as phishing attacks, emails compromises, social engineering and/or impersonation attempts. For example, it may be cross-referenced with information compromised in other third-party cyber incidents, for the further perpetration of crime against data subjects.” Dis-Chem has refused to comment on the incident moving forward.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased