Cell C Data Breach: Hackers Steal Customer IDs, Banking Details, and More

In a concerning development for South Africa’s telecommunications sector, Cell C has confirmed that hackers breached its systems, compromising sensitive data from customers, employees, and partners. The breach includes ID numbers, banking details, and contact information.

The attack, carried out by the infamous RansomHouse group, reportedly led to the theft of 2TB of data. This includes customer call records, ID scans, financial statements, and even non-disclosure agreements between Cell C and other entities.

Who is RansomHouse?

RansomHouse, a cybercriminal group active since March 2022, claims to focus on data theft rather than encrypting victims’ systems. Their modus operandi often involves exploiting vulnerabilities, phishing attacks, or poor cybersecurity practices. They typically demand payment in exchange for not leaking stolen data.

This group previously targeted Shoprite in June 2022 and has now claimed responsibility for the Cell C breach. According to its dark web postings, RansomHouse accessed Cell C’s systems as far back as November 2024.

Cell C’s Immediate Response

Cell C disclosed the breach on 8 January 2025, taking immediate steps to mitigate the damage and notify affected parties. Here’s how the mobile operator is addressing the situation:

• Collaborating with top forensic experts to identify vulnerabilities and secure its systems.
• Strengthening cybersecurity protocols to prevent future incidents.
• Educating customers on cybersecurity threats and protection methods.
• Notifying authorities, including South Africa’s Information Regulator.

“We continue to assess the full scope of the incident, but our initial findings suggest that data related to a limited number of individuals may have been accessed,” Cell C said.

What Does This Mean for Customers?

Cell C customers are urged to stay vigilant against cyber threats. Hackers may use the stolen information for phishing scams or financial fraud. Cell C is offering guidance on protecting sensitive information, but customers should also take proactive steps, such as:

• Monitoring bank accounts for suspicious activity.
• Changing passwords for online accounts linked to Cell C.
• Avoiding unsolicited messages requesting personal or financial information.

A Broader Issue in Cybersecurity

Cell C’s data breach highlights the growing threat of cybercrime in South Africa. Companies need to prioritize robust cybersecurity measures to protect their systems and customer data.

Orange Cyberdefense advises organisations to conduct regular vulnerability assessments, enhance employee cybersecurity training, and implement multi-layered security protocols.

What Happens Next?

Cell C is working closely with authorities and experts to resolve the breach and improve its security framework. The company has reassured customers that protecting their data remains its top priority.

For affected individuals, staying informed and taking precautionary measures will be key to mitigating potential risks.

This incident serves as a stark reminder for businesses and consumers alike: in an era of increasing cyber threats, vigilance and robust security practices are not optional—they are essential.

Follow Joburg ETC on Facebook, Twitter , TikTok and Instagram

For more News in Johannesburg, visit joburgetc.com