Information Regulator pursues Dis-Chem over data breach

The Information Regulator has issued pharmacy chain Dis-Chem Pharmacies with an enforcement notice for various contraventions of the Protection of Personal Information Act (Popia).

“Around April and May 2022, Dis-Chem’s third-party service provider, Grapevine, suffered a brute-force attack by an unauthorised party. Some 3.7 million data subjects’ records were accessed from Dis-Chem’s e-statement service database which was managed by Grapevine,” the regulator said in a statement on Friday.

“The affected records in this database were limited to names and surnames, e-mail addresses, and cellphone numbers of the data subjects,” it said.

Read more at TechCentral…


Please enter your comment!
Please enter your name here

two × three =