Abstract
The potential impact that data leakage can have on a
country, both on a national level as well as on an individual level,
can be wide reaching and potentially catastrophic. In January
2013, several South African companies became the target of a
hack attack, resulting in the breach of security measures and the
leaking of a claimed 700000 records. The affected companies are
spread across a number of domains, thus making the leak a very
wide impact area. The aim of this paper is to analyze the data
released from the South African breach and to visualize the
extent of the loss by the companies affected. The value of this
work lies in its connection to and interpretation of related South
African legislation. The data extracted during the analysis is
primarily personally identifiable information, such as defined by
the Electronic Communications and Transactions Act of 2002
and the Protection of Personal Information Bill of 2009.