1. 27four would like to inform its customers, suppliers and employees (data subjects) that 27four recently experienced a cyber incident where an unauthorised person gained access to our system and accordingly, this notice serves as notification for purposes of section 22 of the Protection of Personal Information Act, No. 4 of 2013 (POPIA) to 27four’s data subjects.
  2. 27four has also notified the information regulator as required in terms of POPIA.
  3. Keeping the personal information of our data subjects secure is of the utmost importance to 27four and we took steps to address and contain the incident the same day that we discovered the incident.
  4. We also promptly engaged a computer forensic investigator to perform an investigation and we have already taken numerous additional security measures designed to prevent this from happening again in the future including changing all user passwords and applying multifactor authentication andimplementing additional security measures and controls and continually monitoring our systems for any suspicious activity.
  5. The identity of the unauthorised person/s who may have accessed or acquired any 27four data is unknown to 27four.
  6. At this stage we are unable to identify the extent to which personal information may have been accessed and as personal information may have been accessed, out of an abundance of caution, we are notifying all our data subjects of the breach in order to ensure that they are abletotakethe necessary precautions to avoid any potential adverse consequences from this breach and to be on the alert for any possible scams including spoofing emails or fraudulent activity.
  7. 27four values the privacy of the data subjects whose personal information it processes, and deeply regrets that this incident occurred. For further information and assistance please contact Vic du Preez on 011 442 2464.