Cell C, South Africa’s fourth largest mobile network operator, made headlines on Wednesday morning after accusing the cybercrime group RansomHouse of unlawfully disclosing sensitive user data following a significant security breach.
Image: Independent Newspapers
Cell C, South Africa’s fourth largest mobile network operator, said on Wednesday morning that RansomHouse had unlawfully disclosed data after a security breach for which RansomHouse is claiming responsibility.
The operator, with 7.7 million subscribers as of February, was attacked in early November 2024 and RansomHouse acquired 2TB of data, which has been corroborated by files posted on the dark web, according to security company PFortner.
Data accessed included:
It is not clear how many people were affected.
In an open letter, Cell C CEO Jorge Mendes said that “given that this information has now been published by RansomHouse, we urge you to take steps to protect yourself from phishing, or potential fraud or identity theft”.
In a statement, the mobile operator said it deeply regretted “this development and the concern it may cause among our employees, customers, partners, and stakeholders at large”.
Cell C said that, since detecting the incident, it has taken decisive steps to contain the threat, further secure its systems, and mitigate impact. These include:
“Cell C has engaged its experts to monitor potential misuse of the data and urges all stakeholders to remain vigilant against fraud, phishing, and identity theft,” the operator said.
It noted it continued to work closely with authorities and security specialists to monitor any further developments and to reinforce the integrity of its systems. “Cell C remains committed to transparency, accountability, and protecting the interests of the people and partners we serve,” it said.
Related Topics: