Independent Online
Bookmark article to read laterSearch IOL
NewsOpinionBusinessLifestyleEntertainmentTravelBusiness ReportPersonal FinancePropertyTechnologySportMotoringNewspapers
Independent Online | Business
Search IOL
NewsOpinionBusinessLifestyleEntertainmentTravelBusiness ReportPersonal FinancePropertyTechnologySportMotoringNewspapers
Shop @ LootIOL Property
Independent Online

Saturday, April 19, 2025

View 0 recent articles pushed to you.Like us on FacebookFollow us on TwitterView weather by location

Cell C confirms data breach, warns users to remain vigilant

Cell C, South Africa’s fourth largest mobile network operator, made headlines on Wednesday morning after accusing the cybercrime group RansomHouse of unlawfully disclosing sensitive user data following a significant security breach.

Cell C, South Africa’s fourth largest mobile network operator, made headlines on Wednesday morning after accusing the cybercrime group RansomHouse of unlawfully disclosing sensitive user data following a significant security breach.

Image by: Independent Newspapers

Published Apr 9, 2025

Share

Cell C, South Africa’s fourth largest mobile network operator, said on Wednesday morning that RansomHouse had unlawfully disclosed data after a security breach for which RansomHouse is claiming responsibility.

The operator, with 7.7 million subscribers as of February, was attacked in early November 2024 and RansomHouse acquired 2TB of data, which has been corroborated by files posted on the dark web, according to security company PFortner.

Data accessed included:

  • Full names and contact details (email, phone numbers)
  • ID numbers
  • Banking details (if stored for billing purposes)
  • Driver’s License Numbers
  • Medical Records (if supplied for closure of accounts on death of a family member)
  • Passport details

It is not clear how many people were affected.

In an open letter, Cell C CEO Jorge Mendes said that “given that this information has now been published by RansomHouse, we urge you to take steps to protect yourself from phishing, or potential fraud or identity theft”.

In a statement, the mobile operator said it deeply regretted “this development and the concern it may cause among our employees, customers, partners, and stakeholders at large”.

Cell C said that, since detecting the incident, it has taken decisive steps to contain the threat, further secure its systems, and mitigate impact. These include:

  • Engaging leading international cybersecurity and forensic experts to support containment and response
  • Notifying and cooperating with the Information Regulator and relevant authorities
  • Communicating with affected stakeholders to provide findings and guidance

“Cell C has engaged its experts to monitor potential misuse of the data and urges all stakeholders to remain vigilant against fraud, phishing, and identity theft,” the operator said.

It noted it continued to work closely with authorities and security specialists to monitor any further developments and to reinforce the integrity of its systems. “Cell C remains committed to transparency, accountability, and protecting the interests of the people and partners we serve,” it said.

The operator also encouraged people to apply for Protective Registration with the South African Fraud Prevention Services here.

The operator has set up an information hub, which can be accessed here.

IOL

Related Topics:

data protection policycyber attackcyberfraudcell c