Legal Practitioners Fidelity Fund hacked

According to the South African Banking Risk Information Centre, South Africa saw a 22% increase in cyber-attacks in 2023.

According to the South African Banking Risk Information Centre, South Africa saw a 22% increase in cyber-attacks in 2023.

Published Jun 27, 2024

Share

Nicola Mawson

The Legal Practitioners Fidelity Fund this week told stakeholders that it had been hacked, with its IT security team having detected unauthorised access to some of its systems.

“Preliminary investigations suggest that an entity with administrative rights successfully breached our security protocols and accessed certain sensitive data. This breach has affected systems operated by both the Legal Practitioners Fidelity Fund and the Legal Practitioners Indemnity Insurance Fund,” it said.

In a notice prominently displayed on its website, it said it immediately implemented several critical measures upon discovery of the breach.

These include engaging a “leading” cybersecurity firm to conduct a comprehensive investigation, strengthening its security infrastructure to prevent future breaches, as well as notifying the “relevant regulatory authorities and law enforcement and are complying with all legal obligations”.

The fund’s primary purpose of the Legal Practitioners Fidelity Fund is to reimburse attorney’s clients who may suffer loss due to the theft of money or property entrusted to an attorney, or where a lawyer acts as executor or administrator in a deceased estate, or as a trustee in an insolvent estate.

It has encouraged stakeholders to:

  • Vigilantly monitor accounts for any unusual or suspicious activity,
  • Change passwords and activate two-factor authentication where available,
  • Exercise caution when responding to unsolicited requests for personal information.

The notice, sent by CEO Motlatsi Molefe, said “We understand the severity of this incident and the importance of the trust you place in us. Our commitments to you are providing timely updates on our progress, offering support to help you protect your information and implementing advanced security measures to enhance the protection of our systems.”

In terms of the Protection of Person Information Act, companies who suffer a data breach must notify those who are affected, although the law doesn’t indicate a timeline as to when, law firm Michalsons said on its website.

Several companies have recently suffered a breach, including Experian, the Companies and Intellectual Property Commission, the Government Employees Pension Fund, and Discovery Insure.

According to the South African Banking Risk Information Centre, South Africa saw a 22% increase in cyber-attacks in 2023.

BUSINESS REPORT