Liberty regrets to confirm that it has been subject to illegal and unauthorized access to its IT infrastructure. An external party has taken data from us and demanded payment.
Liberty was alerted of the intrusion into its network late on Thursday evening. Liberty specialist teams immediately began investigating the incident, prioritising the protection of customer details and of the security of the company’s IT systems. The relevant authorities were also alerted. As soon as Liberty was able, customers were informed via mails, SMSs and via a media statement on Saturday afternoon.
The safety and security of Liberty’s customer information is, and remains, the company’s top priority.
David Munro, Liberty CEO, says: “Our team of dedicated IT specialists and security personnel have devoted all their efforts around the clock to ensure that we live up to duty of care to protect our customers and their details. We immediately identified and addressed specific vulnerabilities the Liberty IT infrastructure may have had, ensuring the integrity of our customer data. We can confirm that we are in full control of our IT environment. To our customers, we totally understand the concerns they might have about the impact of this act of criminality.”
Mr Munro says: “We did engage with the external parties involved to determine their intensions, but we made no concessions in the face of this attempted extortion.”
Liberty is at an advanced stage of investigating the extent of the data breach, which at this stage it seems to be largely emails and possibly attachments. Any further updates in this regard will be given as soon as more facts emerge.
At this stage there is no evidence that any customers have suffered any financial losses. Liberty staff will proactively inform any customers individually if and when it is discovered that they may have been impacted. No further action is required from Liberty’s customers at this stage.
Liberty and its management totally understand its customers’ concerns, and we deeply regret the possible impact of this act of criminality.
16 June 2018 - South Africa's Liberty Group has suffered a systems and data breach. Link
17 June 2018 - Alleged hackers of Liberty Group's IT infrastructure have made a public statement. They say they have 40TB worth of the companies hacked data and will be releasing samples daily. Link
This is a developing story and we will update as new information is discovered and available