14Jan

NCR HACKED – What does that mean for you?

By Uncategorized

 What happened with the NCR

  • Ransomware group DragonForce has claimed responsibility for hacking the National Credit Regulator.
  • The group reportedly published over 42 GB of data on the dark web after the attack.
  • The breach was disclosed by the NCR in December 2025, after its systems were disrupted by a cyberattack.

 The NCR responded

  • The NCR detected unusual activity and isolated affected systemsdisabled remote access, and applied enhanced security controls to contain the incident.
  • It engaged independent cybersecurity specialists to investigate and recover systems.
  • The agency has notified relevant regulators, including the Information Regulator, as required by law.

 Data exposure and investigation

  • The NCR is still investigating exactly what was taken and whether personal information was compromised.
  • As of now, there’s no confirmed list of specific data types or individuals affected — that is still being verified.

 Precautions for stakeholders

The NCR has advised stakeholders to:

  • Be vigilant with suspicious emails or messages.
  • Avoid unknown links or attachments.
  • Watch for unusual communications claiming to be from the NCR.
  • Consider Protective Registration with the Southern African Fraud Prevention Service to help protect against identity fraud.

 Context: broader cybersecurity issues in South Africa

This attack is part of a wider trend of cyber incidents affecting local organisations and government systems, from security flaws in financial systems to malware on government infrastructure and highlighting ongoing cybersecurity challenges.

READ THE FULL ARTICLE HERE

https://mybroadband.co.za/news/security/624587-south-african-national-credit-regulator-hacked.html

 Additional Steps You Should Take (Highly Recommended)

 1. Credit Bureau Monitoring

Register (free or paid options) with:

  • TransUnion
  • Experian
  • Compuscan
  • XDS

👉 Watch for new enquiries or accounts

 2. Bank & Account Vigilance

  • Check bank statements weekly
  • Activate SMS/email alerts
  • Immediately dispute unfamiliar transactions

 3. Beware of Scams

Expect:

  • Phishing emails pretending to be NCR, banks, or debt counsellors
  • Requests for ID documents or OTPs

🚫 NCR and banks will not ask for OTPs or passwords.

 4. If You’re in Debt Review

Given your industry involvement:

  • Ensure client data is protected
  • Notify affected consumers if required under POPIA
  • Keep records in case NCR-related delays or system issues arise

Share this post

Author

Related Posts

21Nov

Episode 14: June Did Her Homework

24Jun

The DCASA 58th Edition Newsletter

The DCASA’s recent newsletter on the latest update on the debt re-arrangement discussion document touches on a number of concerning... read more

27Nov

Gabriella Cirillo Confirms Integrity Guaranteed

27Nov

Debt Therapy – Integrity Guaranteed

21Nov

Episode 13: Scammers Told Mrs S They Could Get Her Out of Debt Review

24Oct

What is DCASA doing against rogue Debt Counsellors and how to avoid becoming a victim?

The Debt Counsellors Association of South Africa has been working with the NCR and various other stakeholders to curb the... read more

21Nov

Episode 10: Overcoming Survival Debt as a Single Mom

21Sep

NCR Debt Review Withdrawal Guidelines 2021

INTRODUCTION   The National Credit Act 34 of 2005 (NCA) introduced debt review as a debt relief measure for over-indebted consumers.... read more