HIGHData Breach
Global

ZA: Copying the wrong person on an email could be considered a data breach in South Africa

·Source: DataBreaches.net

Updated:

Executive Summary

Jan Vermeulen reports: Misdirected internal emails that expose personal information can trigger mandatory data breach reporting under South Africa’s data privacy law, POPIA, even when the disclosure was accidental. Armand Swart, Hlonelwa Lutuli, and Isabella Keeves from Werksmans Attorneys said an Information Regulator enforcement notice against Central Johannesburg TVET College confirmed this pos

Analysis

Jan Vermeulen reports: Misdirected internal emails that expose personal information can trigger mandatory data breach reporting under South Africa’s data privacy law, POPIA, even when the disclosure was accidental. Armand Swart, Hlonelwa Lutuli, and Isabella Keeves from Werksmans Attorneys said an Information Regulator enforcement notice against Central Johannesburg TVET College confirmed this position. The case... Source
Source Attribution

Originally published by DataBreaches.net on Jun 29, 2026.

Related Threats