Threat Watch

South Africa’s Electricity Leader Eskom Gets Data Exposed

A researcher has taken to Twitter in an effort to get Eskom to take customer data down from the public eye. Eskom is a state-owned electricity provider that is responsible for nearly all of South Africa’s power and has roughly 5.7 million customers. The researcher posted two tweets that included two pictures. The initial tweet read, “You don’t respond to several disclosure emails, email from journalistic entities, or Twitter DMs, but how about a public tweet? This is going on for weeks here. You need to remove this data from the public view!” In the image posted with the tweet, data such as account ID’s, service dates, as well as meter information was viewable. As for the second tweet it simply stated, “Ok. It got worse.” A small sample of a customer’s data such as their name, type of card, partial card numbers, and their CVV was pictured in the image. This is all believed to come from the company leaving its billing software database open without a password. Another user took to Twitter to inform Eskom of a separate issue, a Trojan in one of their corporate machines. One of their employees using the account “mg@eskom.co.za” downloaded a phony SIMS 4 Installer and the tweet stated that all of her credentials were stolen because of this. Eskom is investigating both issues as of now but will not release another statement until the investigations are completed.

ANALYST NOTES

Users should be on the lookout for fraud attempts since it is possible their financial information could have been compromised. It is suggested that users look into the use of a fraud monitoring service until further information is available.