Cyber Incident Victim: Liberty
Date: Jun 2018
Location: South Africa
Summary
A financial services provider experienced unauthorized access to its IT infrastructure, with external actors claiming seizure of sensitive client data and demanding multimillion-dollar compensation under threat of public release. The company confirmed securing its systems and initiating an investigation while reportedly engaging with the perpetrators amid internal reports of operational disarray during containment efforts. Executives were indicated to be considering ransom payment to prevent exposure of compromised information targeting high-profile clients.
Description
On June 16, 2018, financial services provider Liberty publicly disclosed an IT systems breach via a notice on its website, confirming unauthorized access to its infrastructure. The company stated that an external party claimed to have seized data, identified potential system vulnerabilities, and demanded compensation. Liberty initiated immediate containment measures by securing its computer systems following the discovery. According to a June 17, 2018 Sunday Times report, the attackers demanded millions in ransom and threatened to release sensitive client data publicly if their demands were unmet. The report specified that the compromised data involved details about Liberty’s "top clients," though the exact scope or types of data were not detailed by Liberty. Internal sources described chaotic efforts by Liberty’s IT personnel to assess the breach’s extent and origin, with one source characterizing the team as "running around like headless chickens."

Liberty executives reportedly engaged with the hackers, with Sunday Times sources indicating a potential willingness to pay the ransom. The company’s public communications emphasized an ongoing investigation and commitments to stakeholder updates but avoided disclosing technical specifics of the breach or vulnerabilities. A Liberty spokesperson confirmed system security measures to MyBroadband but declined further media commentary, citing the active investigation. The incident occurred amid heightened concern over South African data breaches, including a separate leak from a traffic fine platform exposing 934,000 individuals’ IDs, passwords, and contact details. Liberty’s breach highlighted risks to financial sector data integrity but concluded without public confirmation of data leaks, payments, or final resolution details beyond the initial containment and investigation.
