Ina Opperman

By Ina Opperman

Business Journalist


CIPC hacked, companies’ personal information ‘compromised’

Companies registered with the CIPC must now be very careful as hackers have their personal information such as registration numbers.


South Africa’s CIPC, the official companies data base, has been hacked, compromising the personal information of companies as well as employees of the organisation.

The Companies and Intellectual Property Commission (CIPC) says in a statement that it “noted an attempted security breach and the compromise of personal information of clients and CIPC employees held on its records”.

According to the statement, the CIPC’s ICT technicians were alerted thanks to “extensive firewall and data protection systems” to a possible security compromise and as a result certain CIPC systems were shut down immediately to mitigate any possible damage.

The CIPC says the diligent efforts of its ICT and information security teams ensured that the compromise was isolated and curtailed and the relevant systems are back up and available for processing.

ALSO READ: Dis-Chem facing R10 million fine after client data breach

Be vigilant and monitor transactions

“Unfortunately, certain personal information of our clients and CIPC employees was unlawfully accessed and exposed. CIPC clients are urged to be vigilant in monitoring credit card transactions and they must only approve or authorise known and valid transaction requests. We are investigating the extent of the exposure and we will communicate it as soon as possible,” the entity says..

The CIPC assured the public that it recognises the importance of the consistent availability of its systems and the safeguarding of information that is not in the public domain and is working actively to minimise the impact on its clients and employees.

“We apologise for any inconvenience caused and assure you that every reasonable step is taken to ensure that all our systems and platforms are safe and protected from unauthorised and/or unlawful access.”

A spokesperson for the Information Regulator, where all data breaches must be reported, said the CIPC has notified the Regulator about the security compromise and the Regulator must still process the enity’s submission.

Access premium news and stories

Access to the top content, vouchers and other member only benefits