Pam Golding Properties data breach: What you need to know and what’s being done

Pam Golding Properties has expressed sincere regret over a data breach that has led to unauthorised access to personal information stored on its customer relationship management (CRM) system, hosted on servers in South Africa.

13 Mar 2025

Source: Pexels.

The incident, which occurred last week, Friday 7 March 2025, saw a third party (who is unknown at this stage), gain unauthorised access to the Group's system using a user account.

"This information pertains to some of our clients. It is important to note that no banking details, financial information, commercial information and/or other documents were compromised," the Group noted in a media statement.

"As soon as we became aware of the security compromise, we took immediate action to secure our systems and removed all unauthorised access. While investigating the impact of this incident, we also immediately began implementing steps to contain the incident and prevent any further compromises."

The affected clients have subsequently been notified of the compromise in terms of the Protection of Personal Information Act (POPIA), and details of this matter have been reported to the Information Regulator as required by law. The incident has also been reported to the South African Police Service and a case number has been allocated.

Strengthening security measures

"We are taking this incident extremely seriously and are taking numerous steps to contain the incident and prevent any further recurrence," the statement said. "The affected user accounts have been secured, all active sessions have been terminated, and we have reset passwords for all our user accounts system-wide.

"We have reviewed all system access logs to determine the extent of the breach and to identify any affected data. We are patching any potential vulnerabilities and reinforcing our security protocol, and implementing additional monitoring tools to detect and respond to any future potentially suspicious activity."

Client advisory notice

The Group said it has also appointed independent cybersecurity specialists to investigate the incident and will adopt any appropriate recommendations to further enhance its existing access control measures.

"In our communication to affected clients, and while we are still investigating the full scope of the incident, we have made them aware of potential risks, namely that:

As a third party accessed our system using a user account, client information may have been viewed or queried.
Cybercriminals sometimes use stolen information to send fraudulent emails or messages, purporting to be from trusted sources, and
if personal details were accessed, there is a small risk of identity fraud, although we have no evidence of misuse at this time.
Accordingly, we have advised affected clients to be cautious about clicking on links and providing sensitive information, including bank pins and user login passwords. We have cautioned them that if they suspect that a person other than one of our authorised agents is attempting to contact them or obtain their personal information, that they should contact our Information officer via informationofficer@pamgolding.co.za, or the agent with which they usually deal.

"We take client privacy and security, and our privacy commitments under POPIA very seriously and sincerely regret any distress or inconvenience this incident may cause. While we are still in the process of fully investigating this incident, we will be implementing additional security measures to protect all information and to minimise the effect of this security compromise."