South African organizations are facing a fast-growing data breach epidemic. In just the first quarter of 2024 alone, more than 34.5 million local accounts were compromised, making South Africa the second-most affected country in Africa for cyber incidents. Over the past two years, the number of data breach reports has tripled, with over 1,700 incidents reported in 2023 compared to around 500 in 2022.
The country’s Information Regulator is now receiving more than 150 breach notifications every month, which is a dramatic rise from just 56 per month a year earlier. Behind these incidents lies a troubling pattern: 95% of breaches are caused by human error, often through phishing, social engineering, weak or reused passwords, and other avoidable mistakes.
Financially, the damage is very big. In 2024, the average cost of a single breach hit R53 million, with the most severe incidents costing up to R360 million. Nationally, the Council for Scientific and Industrial Research estimates the annual cost of data breaches at R2.2 billion.
Despite these escalating risks, many organizations remain underprepared. Only 29% plan to increase their cybersecurity budgets significantly for 2025, leaving large gaps in protection.
In this blog, we’ll take a closer look at the 10 biggest and most damaging data breaches in South Africa, what made them possible, and what patterns can help prevent the next wave of incidents.