From Ai to the Cloud – Cybersecurity


AI, Cloud and Hybrid Work Trends

2024 is turning out to be a fascinating year for the tech industry as AI becomes mainstream and companies double down on the cloud as a way forward for business process streamlining.

As the year unfolds, forward thinking businesses will be watching the evolving trends and planning their cybersecurity strategies accordingly. Here are some big movements in the tech industry to keep an eye on this year.

AI isn’t going away anytime soon

Since the world was thunderstruck by the launch of ChatGPT in late 2022, the rollout of AI solutions and businesses around the world has only intensified.

Large Language Models, AI assisted internet search offered by sites like Microsoft Bing, and the outsourcing of basic tasks to chatbots have gone from futuristic dream to a new reality.  

In fact, some economists still predict that AI will threaten the future of many jobs.

Developed markets like the US have rolled out AI at a large scale, either replacing or augmenting positions that were previously done exclusively by humans. These changes may only be affecting employees at the entry level for now, but professionals in all industries – including law, medicine, and even executive management – are exploring the possibility that some of their traditional expertise may be carried out by machines in less than a decade.

For companies, there’s an indisputable cost/benefit to using AI and it certainly can improve efficiencies in many areas of a business – but new technology is not without risks.

  • AI applications have been proven to be unreliable in certain areas, including fact checking, with ChatGPT providing hilarious instances of output that seems professionally acceptable at first glance but actually contains several highly problematic facts and phrases.
  • Accuracy aside, the involvement of AI in business processes raises the risk of cybercrime and hacking attempts, which could be potentially disastrous if bad actors take control of an AI-run Business process of a major corporation or bank.

It remains to be seen whether the rollout of AI will bring all the benefits that it promises but there’s no doubt that it’s here to stay. The enormous amount of data that AI applications produce will need to be managed and secured – and that’s where reliable secure cloud storage comes in. 

Hybrid work continues to become the norm 

The remote working trend that accelerated during the pandemic has become a way of life for millions of workers around the world. South African businesses are embracing the remote working model, giving employees flexibility and companies the ability to obtain talent without borders. 

These benefits come with a parallel responsibility for businesses to comply with the Protection of Personal Information Act and keep their sensitive data safe. Secure cloud storage is an ideal way to secure important files and scale up the amount of storage as needed. 

Cloud computing is the future

Companies are producing more data than ever before with a staggering 120 zettabytes created in 2023 alone – and all of this information needs to be stored somewhere. Increasingly, companies are choosing to keep their files safe in the cloud, making it essential to choose the right storage provider.

Recently, an incident in which Google Cloud accidentally deleted every single file belonging to a major Australian pension fund made shocking headlines. This may be a rare incident, but it certainly highlights the potential for disaster that may occur in the wake of a cyberattack.

Not all cloud providers are created equal Before businesses simply upload all their files to a generic online storage location it is essential to ensure that the necessary security protections are in place. Chief among these is immutable storage, which uses advanced coding to ensure the data cannot be manipulated once it’s stored safely in the cloud.

Our range of secure backup solutions feature immutable storage as part of their key architecture. To learn more about our offering and how it can keep your company’s data safe and out of the hands of cybercriminals, browse our range of packages today.

Business Continuity with Cloud Backup – Cybersecurity

The Business Continuity Imperative: Ensuring resilience through cloud backup solutions

As South Africa faces a rapidly increasing number of cyberattacks this year, businesses across the country are coming to terms with the fact that their data can and may be compromised in the near future. 

If your organisation is unfortunate enough to fall prey to an online attack, the one thing on everyone’s mind (from management all the way to the IT department) should be continuity of operations. The question for every business is however, how to ensure continuity when the very data that underlies your business processes has been compromised.

Let’s take a look at some recent news about South Africa’s cybersecurity crisis and find out how businesses can secure their data for uninterrupted trading following a cyberattack.

Time to beef up your defences against cyberattacks

The ultimate goal of cybercriminals is to compromise your company’s data and demand a ransom for its return. 

This criminal strategy can be extremely effective if the company loses access to its sensitive files – but a recent backup of every important piece of data safely encrypted in the cloud means that the hackers have lost before negotiations even begin.

Recent cyberattacks against Telkom, the office of the Chief Justice, and even a high tech security provider like Tracker prove yet again that businesses and government departments are not immune from online data theft- in fact, every internet user needs to be on their guard as cybercrime increases. 

Secure cloud backup is the most powerful weapon against cybercriminals, and it can be obtained affordably. Our range of backup solutions that scale up to suit the needs of growing businesses are a case in point. 

Securing sensitive data couldn’t be more important in 2024

Perpetrator Type

Credit: Brett van Niekerk – Durban University of Technology

South Africa faced 230 million cyberthreats in 2022 alone and this figure is likely to be much larger for 2023 and ‘24 when the latest data becomes available.

With over 90% of the threats to local businesses arising from email cybercrime and an ongoing lack of staff training to identify suspicious correspondence, it’s likely that more and more businesses will fall prey to this type of crime. 

This corresponds closely to the findings of a research paper published in 2017 which identified “hactivism” and data loss as major threats to South African businesses.

When a cyberattack does occur, continuity is key. Here are some strategies businesses can implement to prevent losing access to their data.

Cloud storage is a key component of business continuity 

A cyberattack may be the last thing that any manager or company owner wants to think about, but the harsh reality is that thinking about it is crucial – and preferably, ahead of time.

In the minutes and hours following a cyberattack, your first priority will be returning your systems to functionality and recovering lost or corrupted data to ensure business continuity. 

A cybersecurity response plan – which can be meticulously thought out in advance and simply put into action in the worst-case scenario – is key during the damage mitigation phase following the attack.

Secure cloud storage is an essential component of any cybersecurity response plan because encrypted immutable storage means that your data will remain safe in the cloud even if your physical storage is compromised. A solid backup solution and response plan means that a business is able to safeguard its data and ensure business continuity in the event of a cyberattack.

Soteria’s range of secure cloud storage solutions for businesses of all sizes are your first line of defence against data theft. To learn more about our encrypted backup service, visit our website today.

Mitigating risk of a Cyberattack

Proactive cybersecurity measures mitigate risk of a cyberattack – cybersecurity

Lately, the media has been crawling with stories about companies’ responses – or transparent lack thereof, to cyberattacks, especially when hackers demand millions of Rand in exchange for the data they’ve taken hostage. But some business owners don’t realise that many of these incidents could be avoided if proactive steps were taken in advance.

Let’s take a closer look at the proactive approach to online security and find out what risk management steps businesses can take to keep criminals at bay and protect sensitive information, even if the worst-case scenario comes to pass.

Proactive versus reactive security

For many of us, responding to a security threat – be it a physical break-in or an online data theft attempt – means pushing the panic button. 

While putting boots on the ground is a reassuring strategy for management, the reality is that once a cyberattack has occurred the potential options for resolving it are already quite limited. This is because compromised data that’s already in the hands of criminals is extremely difficult to recover without spending a large amount of money on system recovery or caving in and paying the ransom – which only encourages hackers to attack other businesses.

Protecting your business assets from the relentless wave of cyberattacks currently faced by companies, from state entities to SMEs in South Africa, is an essential part of risk mitigation. A proactive approach, which could also be called closing every possible gap, consists of several aspects:

  • Cyber security investments. These include firewalls, antivirus software, and most crucially, encrypted offsite storage, which will allow you to restore your system and critical files in the wake of a cyberattack.
  • Employee training focusing on the signs of a cyberattack or phishing attempt will help your staff to be risk-savvy when they use the internet and reduce the ever-real threat of them falling to social engineering attacks.
  • Plan ahead. Even if the worst happens and your business falls prey to a cyberattack, incident response planning will help you recover your data fast.

Cyberattack investment: worth every cent in peace of mind 

Implementing rigorous cybersecurity measures may come at a certain cost, but the benefit of having a fully secured business that has the potential to withstand a cyberattack is worth the investment. 

The cost to your business in terms of financial and reputational damage can run into six figures or higher in the worst case cybercrime scenario.

By comparison, a small monthly investment in encrypted backup and a cyber incident response plan will pay huge dividends in peace of mind from day one. 

Secure data storage will tangibly reduce the damage hackers can do to your business by keeping a current version of your crucial data safe and accessible – to you and only you – in the cloud.

To learn more about our range of secure cloud storage offerings for businesses, visit our product page today.

Hidden Costs of Cyberattacks – Cybersecurity

Measuring the Hidden Costs of Cyberattacks on SMEs

Cyberattacks cost businesses around the world over $8 trillion in financial losses last year, but behind the dramatic headlines about costs that can be measured in Rands and cents is a hidden story of reputational damage and loss of credibility that can cost businesses a fortune in the long-term.

In this article we delve into the unstated losses that come in the wake of a cyberattack, study some common vulnerabilities, and find out how you can protect your business from the huge damage that hackers can do by breaching your data security.

Hidden Cost 1: Customer Confidence

One of the most valuable aspects of any brand is the confidence that customers place in the business and the word of mouth recommendations and positive online advocacy that this leads to.

On the flipside, however, once customers lose confidence in your business – especially if their personal data is stolen during a cyberattack – you need a comprehensive strategy to win back their trust or suffer reputational damage as a consequence.

It’s hard to quantify the exact amount that your business may lose as a result of declining customer confidence, but suffice to say that lost sales, a drop in referrals, and even online boycotts are all possible if your business suffers a major data leak or breach.

For some companies, the damage could run into millions or result in a major loss of business.

Hidden Cost 2: IP Theft

Intellectual property is becoming increasingly valuable with conceptual products accounting for 40% of US GDP in 2023.

Your confidential business plans or product prototypes falling into the wrong hands in a cyberattack could mean that your business could lose a competitive advantage, especially in the realm of manufacturing.

Copycat producers in countries with weak intellectual property laws are always waiting to undercut you in the market.

South African copyright and intellectual property laws are relatively strong and you’ll have a solid legal case to act against a local business that tries to copy your ideas – even if they’re stolen in a cyberattack.

Taking this type of action against a foreign business can be more tricky and certainly expensive, especially if international litigation becomes necessary.

Businesses should make sure that they’re insured against this type of outcome and that the amount of cover is sufficient to compensate them for the very real possibility of losses from IP theft.

Hidden Cost 3: Productivity Losses

Finally, a cyberattack can cause extended periods of downtime for your team as you struggle to bring your systems back online and eliminate the malware that was used in the attack.

During this time, your employees are likely to be distracted and less productive, and this could result in anything from delayed orders and invoicing to a total shutdown of operations for a  week .

For some businesses, this could equate to hundreds of thousands or millions of Rand in lost productivity.

Compliance Costs: When things get very real

The cost of compliance with the PPI Act is a fact that businesses should bear in mind when it comes to cyber risk.

The Information Regulator is authorised to fine companies up to R10 million if customer  information is mishandled in the event of a cyberattack. This is a very tangible amount for any business and underscores the importance of full legal compliance – no matter what size your enterprise may be.

The best way to avoid the hidden costs of cyberattacks is to make sure that your data is securely stored in encrypted form. Soteria’s range of secure storage packages for businesses provides all the data security that your enterprise needs. Visit our product page today to learn more.

Financial Impact of Cyberattacks | Cybersecurity

Quantifying the Financial Impact of a Cyberattack on SMEs – Cybersecurity

By now, most business owners who read our articles will be familiar with the financial impact that a Ransomware attack can have – and the amount of money that companies have had to pay cybercriminals to get their data back is just the tip of the iceberg.

The true cost of an online attack can be far more than the ransom demanded by hackers.

When factors like downtime, data recovery, forensics, system restoration, and potential fines from the Information Regulator are taken into account, falling prey to a cyberattack could cost your business hundreds of thousands or even millions of Rands.

In this article, we explore the financial impact of a cyberattack and provide some tips and tools for business owners to calculate the true cost.

Cyberattacks: what’s the damage?

Understanding the financial impact of a cyberattack is far easier when we consider the various costs that are involved in recovering from a crime like this.

A report from the Ponemon Instutite determined that of the 5 most vulnerable industries that experience data breaches – healthcare, financial, pharmaceutical, energy and industrial, the average cost of a breach in the healthcare industry exceeds $10,93 million (over R19 million).

In general, the cost of a cyberattack consists of the following factors:

  • Detection and client notification costs
  • Data recovery costs
  • Network restoration costs
  • The legacy costs of reputational damage and possible financial claims
  • Regulatory compliance fines

In the wake of a cyberattack or data breach, your business will need to jump into action.

In addition to having a cyberattack response plan so that your efforts remain calm and effective, you’ll need to quickly alert clients and anyone else whose data has been compromised and undertake the process of data recovery.

The POPI Act requires businesses to be good custodians of their clients’ data and take all possible steps to protect it before, during, and after a cybersecurity incident.

  • Failure to do so could result in heavy fines (capped at R10 million) or even prosecution.
  • Special insurance may be necessary for companies that handle vast amounts of client data should the incident be investigated by the Information Regulator.

In addition to compliance costs, expenses related to the restoration of your network can range from four to six figures depending on the size and scope of the damage.

  • Downtime following a cyberattack can cost your business a fortune in lost revenues and undeliverable products and services. A larger SMB or corporation may face millions of Rands in wasted productivity while its systems are down.

According to a 2023 study of hundreds of organisations, the average cost of recovery per file could amount to R2 750, which is an 8% increase from 2022. The costly consequence of a data breach can be determined by taking all of the above factors into consideration or by using one of the many “cost calculators” such as Arctic Wolf to estimate the cost to your company.

A major cyberattack could cost millions in total, but for a small monthly investment in secure cloud storage you can keep your data safe, updated, and encrypted.

Soteria’s range of cloud storage packages is the place to look if you’re serious about data security. To learn more, browse our product page or contact our team today.

Cybersecurity Threat Landscape – Cyberattacks

Understanding the Threat Landscape of Cyberattacks on SMEs – Cybersecurity

Cybersecurity has become just as important as physical security for companies both in South Africa and abroad – and considering the number of cyberattacks that take place each year that’s no surprise.

The latest data from Sophos shows that cyberattacks took place against 78% of South African companies surveyed last year, with many attacks affecting small to medium sized businesses.

In this article, we take a look at the cybersecurity landscape, highlighting some of the main threats that hackers and cybercriminals pose to businesses, and outline the best practices that your organisation can follow to secure its data.

Cybersecurity threat landscape has never been bigger

The cybersecurity threats facing SMEs are growing alongside those facing major corporations. As the threat landscape expands, small to medium business owners need to come to terms with the fact that their enterprises could – and frequently do – fall victim to online hacking, ransomware, and phishing attacks.

The study conducted by Sophos may not have surveyed every small business in South Africa, but the fact that so many respondents have faced the difficulties of a cyberattack in the past year paints a bleak picture of the online security environment, both locally and abroad.

With the total cost of cybercrime around the world estimated at a whopping $9.5 trillion for 2024, business owners can no longer afford to hope that it won’t happen to them.

Let’s take a look at some of the ways you can mitigate your small business vulnerabilities and stay safe online.

Know the enemy: the top cyber risks facing businesses

Online threats that affect small businesses can be divided into several categories. These are the main ones to take note of.

Ransomware

This type of attack happens when criminals gain access to your files and encrypt them so that you can’t access them. Some companies have paid millions of dollars to recover sensitive files compromised in ransomware attacks, but with the right strategy you can avoid becoming the next victim.

Data leaks and breaches

While ransomware attacks involve stealing your data and holding it hostage, data leaks are almost the opposite. This type of incident happens when your data is released on the internet for anyone to see and use, thus compromising the security of your business and clients.

Not only can this be bad for your reputation and cost you clients in the long run, but can also result in heavy fines in terms of the Protection of Personal Information Act.

Social engineering attacks

These take place on social media, with hackers contacting you or your employees posing as trusted figures like clients or service providers.

Once trust is established, criminals will convince the person they are dealing with to release sensitive information or download malware. Like the two other types of attacks mentioned above, social engineering can cost your business a fortune in revenues and reputational damage.

SMEs are especially vulnerable to this type of attack since they often deal with smaller suppliers or clients whose businesses aren’t necessarily household names. Impersonation scams like the one that almost bankrupted The Big Issue last year, are also rampant.

With the threat landscape shifting to dangerous ground, you’ll need a solid plan to keep your sensitive data secure.

Strategies to mitigate your online risk

The reality is that cyberattacks can, and will, continue as long as criminals know that it pays to carry them out.

As a business owner, you’ll need to take steps so that your enterprise can function and trade effectively online.

  • A firewall, updated antivirus software, and secure cloud storage are some of the tech solutions that you can implement to keep your data safe.
  • Automated backup is especially useful because it protects your files without the need for constant conscious action on the part of your staff.

Protecting your business against social engineering attacks and phishing scams requires staff training to enable your employees to detect the signs of a cyberattack and encouraging them to always verify the identity of outsiders communicating with your business.

Soteria offers a range of secure cloud storage solutions using the latest encryption techniques for companies of all sizes.

Shoprite Data Leak | Data theft

Shoprite the latest victim of data leak crime wave

Millions of South Africans trust Shoprite, South Africa’s largest supermarket group, to bring them great deals on groceries and household items. Social media was abuzz in June when the retailer suffered a major data breach exposing personal details of its money transfer clients.

The cyberattack carried out by the hacking group RansomHouse is the latest in a wave of online crimes targeting South African corporates. Here’s how it happened and what it could mean for you if you use Shoprite to send money to friends and family.

Shoprite gets more than it bargained for from cybercriminals

A discount retailer may not sound like a prime target for criminals trying to steal sensitive information, but it wasn’t the shopping side of Shoprite’s business that fell prey to hackers.

  • The company’s “know-your-customer” database (FICA) for its money transfer service, which is used by many people who don’t have traditional bank facilities, received a rude awakening when customer information fell into the hands of RansomHouse with the hacking group posting about its success on the Dark Web.
  • Claiming full responsibility for the attack, RansomHouse hackers boasted that Shoprite’s weak data security policies resulted in sensitive information being stored by staff in plain text documents which were unprotected and unencrypted.
  • Once obtained by the hackers, this information containing customers’ personal details was as easy to access as any word document on any computer.

The hackers threatened to auction the data on the dark web with bidding starting at 20 bitcoin (app R6.7 million). To prove that they had the files RansomHouse posted more than 350 files of customer data on it’s dark web website.

cybersecurity is no longer simply a “nice-to-have”

The Shoprite cybercrime incident shines a spotlight on the dangers of unprotected data and the absolute necessity for companies of all sizes to protect their information.

Shoprite has refused to communicate with the RansomHouse hackers to prevent further leaks but assured customers that they would launch a full investigation with forensic experts to ascertain the origin of the data leak, how and why it happened and the scope of the leak. The company also stated that additional security measures and detection strategies had been implemented across the group to prevent further loss of data.

There is little doubt that Shoprite has been left wondering if the entire event could have been avoided simply by using secure cloud storage and taking other simple data protection measures.

protect your data with secure cloud storage

When it comes to cybersecurity, sometimes it’s best to learn from the mistakes of others and avoid a damaging cyberattack. Reduce and mitigate the risk of a data leak by protecting your business information today with one of our secure cloud storage packages.

South African Security Breaches | Hackers

South African Security Breaches Raise Hackles

The latest surge in security breaches during 2021 has raised the hackles of CIOs and business owners who access sensitive data in their organisation, particularly from remote work environments. Hackers have clearly been using the lull caused by COVID-19 to hone and master their hacking skills.

most recent security breaches

In August 2021 soon after the cyberattack on Transnet, the Daily Maverick, a South African daily online newspaper, wrote that leading cybersecurity experts were warning that state agencies such as Eskom and other mining and manufacturing companies were likely to be the “next possible targets” of a well-executed cyberattack. They weren’t wrong…

Here are just a few of the more recent security breaches in SA:

An attempted cyberattack resulted in 20GB of data, taken from the space agency’s servers, being posted online.

It was determined that the stolen data didn’t contain particularly sensitive data. The downtime and stress involved in restoring the data and securing the hacked server would have impacted their productivity levels for quite some time.

Just when you thought you had done everything to keep your kids safe online, a hole was found in the proverbial fence.

Mahala by Microsoft is a site that provides students between the ages of 8 and 24 with free access to Microsoft apps. By simply supplying their name, email address, and phone number, they have access to a free Microsoft 365 license. However, these basic steps also exposed their details to other uses, raising the concern that their personal information could be sold or used for phishing attacks. Microsoft is currently working to resolve the issue.

The SA Justice Department has also become a victim of cybercrime in recent weeks.

It’s thought the department suffered a ransomware attack resulting in large amounts of personal information, including bank details, being leaked, and encrypted for possible sale on the dark web. The courts have had to resort to manual recordings to ensure scheduled cases can continue and a manual process to provide the relevant documentation for burials.

it could have been you!

If you think it’s only large firms that need to invest in data security, think again. Although hackers have targeted large firms and continue to do so, small businesses are also easy pickings. This is because hackers rely on the complacency of employees within small businesses who think that no one would want to hack their data. Unfortunately, this is what they want you to believe.

We recently heard of an SME that was hacked for ransom. Fortunately, they had both offsite and cloud data back up. However, as the attack happened over the weekend and a disc change had inadvertently been missed on the Friday preceding, it meant they lost two days of productivity and incurring the cost of an IT specialist for three days.

our final thoughts on security breaches

Data backup is essential to run your business effectively and safely. Even if you only have between three and ten employees and a handful of clients, if their payment details or personal particulars are hacked, it could result in a substantial cost to your business, not to mention the possible legalities involved. Take the steps to protect yourself and your business today and avoid the inconvenience and cost of a security breach.

How to create a cloud security policy that is all-inclusive

The world has gone digital in recent times and those who don’t get on board with a solid cloud security policy will be left behind.

The Pandemic spurred the world into home-working, and while it seemed like a limitation at the time, for many – including the digital landscape in South Africa, it’s been a blessing in disguise .

As a business owner, there are more digital complexities to deal with than ever before. With employees working from home or using personal devices for business purposes, you need to think about protecting your company networks, data, and devices from possible risks. Recent surveys tell us that 96% of businesses use cloud-based services in one way or another.

If you’re operating in the cloud, now is the time to take stock of your digital security policies and ensure that you have update them.

protecting your business in a digital world

There are several protection strategies you may already be aware of, such as:

  • Setting up a communication archive system that is thorough and well-protected
  • Hiring the correct specialists with experience in cybersecurity systems and security auditing
  • Registering (and keeping up to date with) cyber liability insurance
  • Training staff members on cyber-best practices and educating them thoroughly on all the latest cyber risks and how to avoid falling prey to them
  • Setting up a cloud security policy and ensuring that it is regularly updated

what are the 5 most common major threats to cloud security?

Human error, negligence, choosing the wrong cloud storage provider, and weak security systems often bring cloud-based businesses to their knees. That said, these are the most common threats to cloud security for all businesses, big and small.

  1. Data breaches
  2. Account hijacking
  3. Service traffic hijacking
  4. Data loss
  5. Insecure application program interfaces

creating a legitimate and strong cloud security policy

There are complex scenarios that need to be taken into account when creating a cloud security policy. Still, there are basic steps that you, the business owner, need to follow to ensure that your cloud security is all-inclusive and of the highest possible calibre.

A comprehensive cloud security policy will require you to engage with leadership roles in your company and possibly even seek outside assistance from professionals. Below are a few steps you need to consider.

  • Meet with senior leaders in the business and talk frankly about the requirements for a cloud security policy – all role players must be on the same page.
  • Set security goals in place and develop a timeline to follow.
  • Make sure that your security team is well versed in cybersecurity and has the relevant qualifications and skills.
  • Be sure to check in with management at all points of the project to ensure you’re not missing important issues and to check that the system will be easy to implement in the daily business model.
  • Consult with legal professionals to review the policy and provide helpful feedback.
  • Once the policy is in place, ask your IT department to do an internal audit and review the policy.
  • The policy should not be set in place until all senior leadership members have carefully read through the proposed policy and provided their input and feedback.
  • Once the policy is approved by management, present the policy to all staff members. It is important to set up a training session to go through the policy with staff members to ensure they have read and understand it.
  • Review your policy every six months to one year.

key characteristics of a great cloud security policy

If your cloud security policy is well designed, it will:

  • Reduce weak points in your network and systems
  • Set multiple measures of protection around your company’s most sensitive and valuable data
  • Demonstrate a security-first mindset to all of your team members, from the secretary on the front desk to the CEO of the company
  • Provide training that supports the requirements of the policy
  • Provide protection against human error, mishaps and employee poor online behaviour
  • Be consistently updated

last word on cloud security policy

Creating a cloud security policy isn’t something that can be whipped together overnight. There should be no hesitation to outsource skills in the IT department in the name of increased security for your business. If your cloud security policy isn’t in place yet, today is a great day to start working on it.

Virgin Active, Latest Victim of a Cyberattack in South Africa

May brought with it an unhealthy surprise for Virgin Active South Africa, the country’s largest gym chain. A cyberattack on the fitness group carried out by what the company refers to as “sophisticated cybercriminals”, is the most recent attack in South Africa by modern-day hackers.

If you were struggling to access your Virgin Active account online, now you know why!

The company took all services offline while they implemented measures to protect the data of its customers. All South African branches spent a week acting on a first-come-first-serve basis, which of course, lead to a degree of disgruntlement.

While there was no indication that any data had been removed from the systems, Virgin Active told customers that clubs would be operating as normal but advised that they should remain vigilant of any suspicious activity on their accounts. Forensic experts were hard at work trying to ascertain the extent of the attack!

business as usual, kind of!

Virgin Active doors remained open, but customers had to adapt to booking classes by phone or in-person, with online workouts out of the question for some time.

Regular gym-goers used to racking up points on a weekly basis became a little concerned about what this would mean for their benefits. In an attempt of goodwill, Virgin Active reassured customers that they would be awarded the full points for the week that they would have otherwise accrued.

virgin active’s response to the latest cyberattack in South Africa?

People want answers, and while those answers are sketchy right now, one thing is evident; the security of Virgin Active customer data seems to have been a top priority and that there was no negligence involved.

The company is adamant that the security practices of the brand are top-notch and that all security audits leading up to the attack were passed. Also, all financial and banking data of customers on the system were data encrypted, which leads to a massive amount of customer relief!

While Virgin Active is still to release the full details of the cyberattack, it’s reassuring for members to know that the company followed reasonable protocols in the face of the attack. The company notified the SA Information regulator and worked closely with law enforcement to ensure that all bases were covered.

last word

Cyber experts warn that it’s only a matter of time before other companies fall prey to similar data attacks in South Africa. Businesses and individuals are advised to change their passwords frequently and to ensure that they don’t use the same password across different websites.

Were you affected by the latest Virgin Active cyberattack? Let us know how you were impacted – we’d love to know!