In March 2017, a 27GB database backup file named “Master Deeds” was sent to HIBP by a supporter of the project. Upon detailed analysis later that year, the file was found to contain the personal data of tens of millions of living and deceased South African residents. The data included extensive personal attributes such as names, addresses, ethnicities, genders, birth dates, government issued personal identification numbers and 2.2 million email addresses. At the time of publishing, it’s alleged the data was sourced from Dracore Data Sciences (Dracore is yet to publicly confirm or deny the data was sourced from their systems). On 18 October 2017, the file was found to have been published to a publicly accessible web server where it was located at the root of an IP address with directory listing enabled. The file was dated 8 April 2015.
Accounts breached: 2257930
Breached on: March 14, 2017
Exposed data: Dates of birth, Deceased statuses, Email addresses, Employers, Ethnicities, Genders, Government issued IDs, Home ownership statuses, Job titles, Names, Nationalities, Phone numbers, and Physical addresses
Added on: October 18, 2017