Avatar photo

By Faizel Patel

Senior Digital Journalist

‘SA passports among cheapest being sold on dark web’ – study

The study found South Africans are at high risk of falling victim to cybercrime on the dark web with their details being sold cheaply

A study by cybersecurity company NordVPN has found a heightened risk of cybercrime on the dark web for users of popular platforms such as Netflix, Uber, Twitter, and South African passport holders.

The study found that South African passports are the fourth cheapest globally, selling for as little as R156 on the dark web. 

It also revealed that personal data such as payment card details, mobile phone numbers, and online account details are being sold for as low as R31.


NordVPN analyzed one of the dark web markets with a total illegal sales value of R270.4 million to date. 

According to the cybersecurity experts, this market was chosen because it has been used by major hacking groups in the past, including the group involved in the AT&T data theft in August last year. 

However, this market represents only the tip of the iceberg as there are over 30,000 websites on the dark web, which only represents 4% of the entire internet.

Findings worrying 

Adrianus Warmenhoven, a cybersecurity expert at NordVPN, said the findings of the study are alarming. 

“It should be taken seriously by all South Africans. The dark web is a breeding ground for cybercriminals and hackers, and personal data is being sold at dirt-cheap prices, making it easily accessible to anyone with malicious intentions.”

The study found that payment card data costs an average of R143, while a hacked Netflix account can be bought for as little as R151. 

ALSO READ: President Cyril Ramaphosa’s personal financial information hacked


Yashmita Bhana, the CEO of Nihka Technology Group, with extensive experience in addressing dark web threats, said it is crucial for organisations and governments to take proactive measures to protect their sensitive data from being sold on the dark web. 

As cybercrime continues to escalate, it is important for the South African government and multinational companies to take immediate action to protect their sensitive information from being sold on the dark web. 

Not even Ramaphosa safe 

Last year, Pankaj Bhula, Regional Director for Africa at Check Point Software said: “No one – not even the President Cyril Ramaphosa was immune to cybercrime.”

Bhula made the comments after a cybersecurity company raised concerns about cybercrime and the recent efforts of hacking group SpiderLog$, which pointed out glaring vulnerabilities in the security systems used in South African government departments.

SpiderLog$ was able to obtain private data of Ramaphosa, including details of a loan he took out from a South African bank in the 2000s, his home address, ID number, and cellphone numbers. 

Additionally, the group produced screenshots showing it could gain entry to the webmail interface of the defence and state security departments (making it possible to access sensitive and military information), as well as identify the private IP addresses of the government’s servers, their domains, and Internet service providers.

NOW READ: No one immune to cybercrime, not even Ramaphosa – Experts

Access premium news and stories

Access to the top content, vouchers and other member only benefits