Eskom, a South African largest electricity public utility, has been keeping customer data exposed for a few weeks. The company, which generates more than 90% of local electricity and almost half of the electricity used in Africa, was asked to “remove this data from the public view” by Devin Stokes, a security researcher, but the representatives would not fix the bug.
Stokes has detected a vulnerability in the company’s system. The reason for the leak and the way the data could be accessed haven’t been cleared up yet.
Stokes posted two sequential screenshots. The second one revealed that not only account IDs and meter details were compromised, but financial data of clients, full names, partial card numbers and security codes were breached as well.
The number of those affected hasn’t been sounded off yet, although it is known that Eskom provides services to almost 6 million customers in South Africa.
The researcher has pointed out a possible issue claiming that the database lacked a password.
Eskom has recently been warned about a Trojan on one of their corporate assets which had invaded the network as a fake The Sims 4 installer.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!