eThekwini Municipality

In September 2016, the newly launched eThekwini eServices website in South Africa had security vulnerabilities that resulted in the leak of residents' personal information and utility bills. Emails with plain text passwords were sent before the launch, and the site permitted unauthorized access to utility bills, leading to phishing attacks shortly after.

Data Included in the Breach