Cell C, South Africa’s fourth largest mobile network operator, said on Wednesday morning that RansomHouse had unlawfully disclosed data after a security breach for which RansomHouse is claiming responsibility.

The operator, with 7.7 million subscribers as of February, was attacked in early November 2024 and RansomHouse acquired 2TB of data, which has been corroborated by files posted on the dark web, according to security company PFortner.

Data accessed included:

Full names and contact details (email, phone numbers)
ID numbers
Banking details (if stored for billing purposes)
Driver’s License Numbers
Medical Records (if supplied for closure of accounts on death of a family member)
Passport details
It is not clear how many people were affected.