Cyber Incident Victim: QSure
Date: Jun 2021
Location: South Africa
Summary
A South African insurance provider suffered a major data breach involving unauthorized access to its IT infrastructure, compromising sensitive financial information including banking details. The organization promptly isolated its network and shut down systems upon detecting the intrusion, though the exact number of affected records was not disclosed. The incident resulted in exposure of personal and financial data, with the company confirming the breach impacted critical customer information without providing further specifics on the scope or remediation measures.
Description
On June 9, 2021, South African insurance provider QSure detected unauthorized access to its IT infrastructure, prompting immediate containment measures. The company isolated its IT network and shut down all systems upon discovering the intrusion, according to statements by Chief Operating Officer Ian du Toit to TechCentral. The breach resulted in the compromise of sensitive customer data, including banking information, though QSure did not disclose the exact number of affected records or the duration of unauthorized access prior to detection. No additional technical details regarding the attack vector, threat actor identity, or specific compromised systems were released publicly. The incident represented a significant operational disruption, necessitating full system shutdowns to prevent further data exfiltration or damage.

The data breach exposed financially sensitive information, creating potential risks for customer fraud and identity theft, though QSure did not quantify these risks or confirm any malicious use of stolen data. Public reporting by Brett Venter indicated the breach qualified as a "major" incident based on the sensitivity of the compromised banking details. QSure's communications emphasized the illegal nature of the access but provided no forensic timeline beyond the June 9 detection date. The company did not release information regarding third-party forensic investigations, regulatory notifications, or customer remediation efforts such as credit monitoring. Media coverage highlighted public skepticism through social media commentary, including sardonic remarks about the insurer's own need for cyber insurance coverage following the breach.
