Liberty Investigates Data Breach Exposing Customer Personal Information
Liberty, a South African insurance and financial services firm, has disclosed a data breach involving unauthorized third-party access to its systems, exposing customers' personal information. The incident was detected yesterday, prompting the company to take immediate containment measures.
According to Liberty CEO Yuresh Maharaj, services remain fully operational, and a full investigation supported by cybersecurity experts is underway. The company is notifying affected clients, confirming that compromised data includes ID numbers and names. An SMS sent to customers reassured them that policies and investments remain secure.
Under South Africa’s Protection of Personal Information Act (POPIA), organizations must report breaches to the Information Regulator and affected individuals promptly, detailing the nature of the incident and mitigation steps. Liberty has complied with these obligations, emphasizing transparency and accountability.
This breach occurs amid a surge in cyber threats in South Africa, where organizations faced an average of 2,145 weekly attacks in January a 36% year-on-year increase, according to Check Point Research. The financial impact of such incidents is growing, with JSE-listed companies potentially losing up to 30% of their share value following a cyber crisis.
Liberty has previously experienced a cyberattack in 2018, when an external party breached its IT infrastructure and demanded compensation. The latest incident underscores the persistent risks facing financial institutions in an evolving threat landscape.
Source: https://www.itweb.co.za/article/insurer-liberty-hit-by-data-breach/o1Jr5MxPwrdMKdWL
The Liberty Company Insurance Brokers, LLC cybersecurity rating report: https://www.rankiteo.com/company/the-liberty-company-insurance-brokers
"id": "THE1774334459",
"linkid": "the-liberty-company-insurance-brokers",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Affected clients notified',
'industry': 'Insurance, Financial Services',
'location': 'South Africa',
'name': 'Liberty',
'type': 'Insurance and Financial Services Firm'}],
'customer_advisories': 'SMS sent to customers reassuring them that policies '
'and investments remain secure',
'data_breach': {'personally_identifiable_information': 'ID numbers, names',
'sensitivity_of_data': 'High (ID numbers, names)',
'type_of_data_compromised': 'Personal information'},
'description': 'Liberty, a South African insurance and financial services '
'firm, has disclosed a data breach involving unauthorized '
"third-party access to its systems, exposing customers' "
'personal information. The incident was detected yesterday, '
'prompting the company to take immediate containment measures. '
'Compromised data includes ID numbers and names.',
'impact': {'data_compromised': 'Personal information (ID numbers, names)',
'identity_theft_risk': 'High',
'operational_impact': 'Services remain fully operational'},
'investigation_status': 'Underway',
'references': [{'source': 'Liberty CEO Yuresh Maharaj'},
{'source': 'Check Point Research'}],
'regulatory_compliance': {'regulations_violated': 'Protection of Personal '
'Information Act (POPIA)',
'regulatory_notifications': 'Reported to the '
'Information Regulator '
'and affected '
'individuals'},
'response': {'communication_strategy': 'Notifying affected clients via SMS, '
'emphasizing transparency and '
'accountability',
'containment_measures': 'Immediate containment measures taken',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Cybersecurity experts'},
'title': 'Liberty Data Breach Exposing Customer Personal Information',
'type': 'Data Breach'}