Section 19 of POPIA requires companies to ensure the personal information it possesses is secure.
“South Africa has experienced a disturbingly high number of material data breaches in the past few months‚” Tlakula said.
“Without a fully functional Information Regulator‚ these breaches will continue to occur without sanctions provided for in POPIA.
These data breaches underscore the urgent establishment of the Regulator.”
ViewFines‚ a website for viewing traffic fines‚ suffered a data breach in May. More than 934‚000 records containing 778‚000 unique email addresses were exposed‚ including names‚ phone numbers‚ government-issued identity numbers and passwords stored in plain text.
The leak did not affect all licensed drivers‚ but only those who had registered to pay traffic fines online using one or more of the sites that provided the service.