Personal Business The World Of Cell C
Search  
Logo
Cell C Logo
Icon

Announcements:

– Letter from Cell C CEO. Read more

– FAQ update. Click here

Letter from the CEO

To our valued customers,

We are providing you with an update regarding the cybersecurity incident we previously communicated, and sharing guidance on how you can protect your personal information.

What Happened and Have There Been Any Developments?

As previously communicated, Cell C had detected unauthorised access to some parts of our IT environment.

Cell C is now aware that the data compromised in the recent cybersecurity incident has been unlawfully disclosed by RansomHouse, the threat actor claiming responsibility. This follows a previously reported incident involving unauthorised access to unstructured data in some parts of our IT environment.

We understand the seriousness of this development and deeply regret the distress or concern it may cause.

What Information Was Involved?

As reported previously, the varying types of customer data that was accessed include:

  • Full names and contact details (email, phone numbers)
  • ID numbers
  • Banking details (if stored for billing purposes)
  • Driver’s License Numbers
  • Medical Records (if supplied for closure of accounts on death of a family member)
  • Passport details

Given that this information has now been published by RansomHouse, we urge you to take steps to protect yourself from phishing, or potential fraud or identity theft.

How We Have Responded

  • We continue to work with top cybersecurity experts to contain and mitigate the impact of the incident.
  • We have notified the Information Regulator and other relevant authorities.
  • We are further strengthening our cybersecurity infrastructure to prevent future incidents.

What You Can Do to Protect Yourself

We suggest the following to help protect yourself against phishing, or fraud or identity theft:

  1. You Can Apply for Protective Registration (for free): SAFPS offers a free protective registration service for victims or potential victims of identity fraud. This means that additional verification measures will be taken when credit is applied for in your name.

    You can apply via the SAFPS website: www.safps.org.za in three different ways:
    • Apply online www.safps.org.za
    • Via Email by downloading an application form from www.safps.org.za/ and emailing it to protection@safps.org.za with the necessary supporting documents (you will need: certified copy of your ID or passport, proof of address, and the completed application form).
    • SAFPS Call-Back: You can also submit your details through the SAFPS website www.safps.org.za/, and one of their agents will contact you to begin the process.
    Please remember, SAFPS, Cell C, and legitimate financial institutions, will never ask you for your password, PIN, or OTP.

  2. Monitor Your Financial Accounts: Check your bank statements and report any suspicious transactions. Check bank statements regularly and enable SMS or email notifications for outgoing payments. Look for any unauthorised transactions and report them immediately.

    Consider activating fraud alerts if your bank offers this or similar fraud protection services—e.g. enabling alerts on your account.

  3. Stay Vigilant with Your Personal Information: Be cautious when sharing your ID, address, or bank information—especially in digital formats or with unfamiliar contacts.

    Fraudsters may attempt to impersonate Cell C or other trusted institutions. Do not share personal information over email or phone unless you are certain of the recipient’s legitimacy. Be cautious of unexpected messages or calls claiming to be from banks or service providers. Verify the sender's identity before responding or clicking on any links.

    Poor grammar or generic greetings (like "Dear Customer") in emails. Urgency or threats to suspend accounts or services. Links that don’t match Cell C’s official website URL (hover over the link to check, but do not click).

  4. Monitor Your Credit Reports: Regularly check your credit reports with major credit bureaus (TransUnion, Experian, XDS, and Compuscan) for any unusual or unauthorised activity.

  5. Update Your Passwords: If you use your the same password elsewhere, consider changing it to something strong and unique.

  6. Enable Fraud Alerts: Contact your bank to activate fraud alerts on your account.

  7. Install Anti-Virus and Anti-Malware Software: Use reputable solutions to detect and block malicious software. Keep the software updated and run regular scans.

  8. Strengthen Device Security: Enable two-factor authentication (2FA) for all online accounts, especially financial services. Use a password manager to create and store strong, unique passwords for each account.

  9. Keep operating systems and apps up to date to protect against vulnerabilities: For example, update your phone’s software when there is an update available – don’t ignore those notifications.

  10. Report Suspicious Activity: If you suspect that you are a victim of identity fraud, report it immediately to SAFPS and open a case with the South African Police Service (SAPS).

Our Commitment to You

As part of our commitment to safeguarding the interests of our stakeholders and full transparency, Cell C has set up an Information Hub, www.worldofcellc.co.za/information-hub, where stakeholders can access tips on protecting themselves against cybercrime, support and actions to protect against fraudulent activity, as well as frequently asked questions on the cyber incident.

Need Help or More Info?

We thank you for your continued patience.

Yours sincerely,

Jorge Signature

Jorge Mendes

CEO, Cell C

Information for Customers

08 January 2025

Subject: Important Cybersecurity Update

Dear Valued Customer,

Compliments of the new season from all of us at Cell C. We wish you and your loved ones all the best for the year ahead. We would also like to take this opportunity to thank you sincerely for your continued support.

It is regrettable that we must inform you of a recent cybersecurity incident which we have reported to the Information Regulator. Upon discovery, immediate steps were taken to secure our systems, contain the incident, and conduct a thorough investigation to determine its scope and impact.

Initial findings from our ongoing investigation suggest that data related to a limited number of individuals may have been accessed by an unauthorised party.

Cybercrime is becoming increasingly prevalent both locally and globally, as seen in recent news headlines. Cell C remains committed to continuously strengthening our cybersecurity measures and improving our IT environment to mitigate these risks. Updates and developments will be shared with you as they become available.

We would like to encourage our customers to stay vigilant and take steps to protect their personal information. For tips on staying cybersmart, please click here.

We appreciate your patience and understanding as we continue our investigations.

Your ongoing support is greatly appreciated by us, and we remain dedicated to safeguarding your privacy.

Wishing you a safe and successful 2025.

Yours sincerely,

Themba Phiri
Cell C Information Officer

Previous updates

30 December 2024

Information for Partners

We have detected a cybersecurity incident impacting parts of our IT environment. Upon discovery, we took immediate action to contain the issue and engaged cybersecurity experts to assist with our investigation. 

Our top priority is to protect the integrity of our systems and the confidentiality of customer data. While we continue to assess the full scope of the incident, initial findings from our ongoing investigation suggest that data related to a limited number of individuals may have been accessed by an unauthorised party.

We have notified the relevant authorities, and we will keep stakeholders informed as we work to resolve the situation. 

Cybercrime is increasingly prevalent locally and globally, and we continuously invest in enhancing our cybersecurity measures to mitigate risk. We would like to encourage our customers to stay vigilant and take steps to protect their personal information. Customers can also access our website for tips on staying cybersmart here.

We remain committed to safeguarding stakeholder privacy and will provide updates as more information becomes available. 

Previous updates

30 December 2024

Information for Media

Monday, 30 December 2024

We have detected a cybersecurity incident impacting parts of our IT environment. Upon discovery, we took immediate action to contain the issue and engaged cybersecurity experts to assist with our investigation.

Our top priority is to protect the integrity of our systems and the confidentiality of customer data. While we continue to assess the full scope of the incident, we believe a limited number of customers' data may have been accessed. We are working to identify the affected information and encourage customers to update passwords and remain vigilant to potential fraud.

We have notified the relevant authorities and are fully cooperating with their investigation. We will keep stakeholders informed as we work to resolve the situation. Cybercrime is increasingly prevalent locally and globally, and we continuously invest in enhancing our cybersecurity measures to mitigate risk. We urge all customers to stay cautious and vigilant.

We remain committed to safeguarding stakeholder privacy and will provide updates as more information becomes available.

For inquiries, please contact:
media@cellc.co.za

How To Protect Yourself From Cybercrime. Learn more


Previous statements

30 December 2024

Cybersecurity Update – FAQs

Q: What happened?

A: Cell C previously detected unauthorised access to some parts of our IT environment. The investigation has confirmed that the breach was more extensive than initially assessed, primarily due to the complex nature of the unstructured data involved. We regret to inform you that the data compromised in the incident has now been published on the dark web by the threat actor. We understand the seriousness of this development and deeply regret the distress or concern it may cause.

Q: Who are the threat actors?

A: The threat actors have identified themselves as RansomHouse.

Q: When did it happen?

A:  On the 28th of December 2024 it was established that some of our customer data had been compromised.

Q: How did the incident occur?

A: The attack exploited a vulnerability to gain unauthorised access to a server within our corporate network. Immediate steps were taken to contain the issue.

Q: Has data been published by the threat actor?

A: Yes. We can confirm that RansomHouse has published a portion of data exfiltrated during the cyber incident. We’ve issued a general media statement and updated all relevant stakeholders accordingly.

Q: What kind of data was published?

A: The compromised data includes a wide range of unstructured files. For each stakeholder group (customers, employees, partners, etc.), we've assessed the scope and shared tailored updates directly.

Q: What is unstructured data?

A: Unstructured data refers to information that does not have a fixed format or structure, making it difficult to organise and analyse. Unlike structured data, which is neatly arranged in tables, unstructured data includes a variety of formats, such as typical Microsoft Office documents, text documents, images, and videos.

Q: Has sensitive information been exposed?

A: In some cases, limited personal information is involved. We’ve found no evidence of mass exploitation to date. No customer banking PINs, passwords, or full authentication data have been identified as exposed.

Q: How can individuals protect themselves?

A: Given that this information has now been published on the dark web, we urge you to take steps to protect yourself from potential fraud or identity theft. We recommend monitoring financial accounts, changing passwords, and setting up two-step verification on all financial/banking apps.

Q: How do I protect myself/prevent my information from being used for fraud?

  1. The Southern African Fraud Prevention Service (SAFPS) offers the following advice to help protect your identity.
    • Apply for Protective Registration - The Southern African Fraud Prevention Service (SAFPS) offers a free protective registration service for victims or potential victims of identity fraud. This means that additional verification measures will be taken when credit is applied for in your name. You can apply via the SAFPS website: www.safps.org.za in three ways –
      • Apply online: Click here.
      • Apply via Email: Download the PR Application Form here and email it to protection@safps.org.za with the necessary supporting documents (certified copy of your ID or passport, proof of address, and completed application form).
      • SAFPS Call-Back: You can also submit your details through the SAFPS website https://www.safps.org.za/, and an agent will contact you to begin the process.
  2. Monitor Your Financial Accounts: Check your bank statements and report any suspicious transactions.
  3. Stay Vigilant with Your Personal Information: Be cautious when sharing your ID, address, or bank information—especially in digital formats or with unfamiliar contacts.
  4. Monitor Your Credit Reports: Regularly check your credit reports with major credit bureaus (TransUnion, Experian, XDS, and Compuscan) for any unusual or unauthorised activity.
  5. Update Your Passwords: If you use your work password elsewhere, consider changing it to something strong and unique.
  6. Enable Fraud Alerts: Contact your bank to activate fraud alerts on your account.
  7. Report Suspicious Activity: If you suspect that you are a victim of identity fraud, report it immediately to SAFPS and open a case with the South African Police Service (SAPS).
Please remember, SAFPS, Cell C, and legitimate financial institutions - will never ask you for your password, PIN, or OTP.

Q: What is Cell C doing in response?

A: We’ve:

  • Notified affected stakeholders and authorities
  • Engaged top-tier cybersecurity and forensic teams
  • Reinforced our systems and controls
  • Published resources and guidelines, including SAFPS fraud protection steps

Q: What actions are you taking to prevent this in the future?

A: Cybercrime is increasingly prevalent locally and globally, and we continuously invest in enhancing our cybersecurity measures and our IT environment to mitigate these risks. We are taking comprehensive steps to further strengthen our security, including engaging top forensic experts to conduct a detailed analysis, enhancing monitoring, and conducting a full review of our IT systems. We remain committed to maintaining the highest standards of data security.

Q: Should I contact the company if I have concerns?

A: Absolutely. If you have any concerns or questions, please reach out to our customer support team at 084 135. For media queries, please reach out to our media team at media@cellc.co.za. We are committed to transparency and addressing any concerns you may have.

Support & Fraud Protection Application

Should you have further concerns or questions, please contact:

  – Customer care team: 084 135.

  – Media team: media@cellc.co.za.

Apply online

Apply here

Apply via Email:

Download the PR Application Form and email it to protection@safps.org.za with the necessary supporting documents (certified copy of your ID or passport, proof of address, and completed application form).

Download the PR Application Form (757KB PDF)

SAFPS Call-Back

You can also submit your details through the SAFPS website, and an agent will contact you to begin the process.

After applying, SAFPS will issue a Protective Registration reference number and a Victim of Impersonation letter within 48 hours. This letter will help future credit providers verify your identity and protect against fraud. You can contact SAFPS directly at 01I 867 2234 or protection@safps.org.za .

Thank you for your understanding, patience and ongoing support.

Privacy and Legal Compliance

Read more about our privacy and legal compliance here.

location
Cell C Head Office

Waterfall Campus, Corner Pretoria Main
Road and Maxwell Drive, Buccleuch,
Midrand, 2090

Get directions
location
Customer queries

For any customer queries, please email us at:

customerservice@cellc.co.za
location
Investor queries

For any queries, please email us at:

investorrelations@cellc.co.za
location
CSI queries

For any CSI queries, please email us at:

CSI@cellc.co.za
location
Media queries

For any queries, please email us at:

media@cellc.co.za

Cell C is a leading mobile provider in South Africa offering a wide range of products and services, including voice, data, device and SIM deals to more than 20 million customers.

About Cell C
Who we are How we operate What we do Our leadership Governance Transformation
Investor relations
Investors overview Financial overview Investor calendar
Stories of change
Stories of change
CSI
Youth development and inclusivity Education and employment creation Digital access Acts of kindness Employee volunteerism
Working at Cell C
Working at Cell C

Site map | Terms of use | Terms & Conditions | Acceptable use policy | Privacy Policy

COPYRIGHT © 2025 CELL C. ALL RIGHTS RESERVED