Back To Breaches

eThekwiniMunicipality

In September 2016, the new eThekwini eServices website in South Africa was launched with a number of security holes that lead to the leak of over 98k residents' personal information and utility bills across 82k unique email addresses. Emails were sent prior to launch containing passwords in plain text and the site allowed anyone to download utility bills without sufficient authentication. Various methods of customer data enumeration was possible and phishing attacks began appearing the day after launch.

Domain: eservices.durban.gov.za
Breach Count: 81,830
Breach Date: Sept. 7, 2016
Added: Sept. 15, 2016

Verified: True
Fabricated: False
Events: 0
Source: HaveIBeenPwned

Data types: Email addresses Names Passwords Dates of birth Genders Phone numbers Physical addresses Passport numbers Deceased date Government issued IDs Utility bills

Timeline

eservices.durban.gov.za Sept. 7, 2016

eThekwiniMunicipality suffered from a data breach.

eservices.durban.gov.za Sept. 15, 2016

The breach eThekwini Municipality was added to the database.

Check your email for data breaches

eThekwiniMunicipality

Timeline