The Office of the Data Protection Commission (ODPC) has singled out at least 40 Digital Credit Providers (DCPs), among them Branch and Tala, for suspected personal data breaches.
The ODPC said by September 30, 2022, it had received 1,030 complaints and admitted 555 of the complaints, 54 per cent of which relate to digital lenders.
Most of the complaints were about exposure of confidential, sensitive, or protected information to unauthorized persons.
The digital credit providers are set to undergo a preliminary documentary assessment. They will be required to provide the requisite documents to the Data Commissioner Office by October 18, 2022, failure to which they will be deemed as unwilling to cooperate.
DCPs under audit for the alleged data breaches are: Branch, Tala, Zenka Digital, Zuri Cash, Premier Credit, Credit Moja and Hela Credit, Apesa, AsapKash, Cash, Cash Sea, CollectPlus, Coopesa, Credit Kes, Credit Moja, Deltech Capital Limited, and Direct Cash.
Others are: Rocket Pesa, Senti, SkyPesa, Zash Loan, PapCash, Pocket Cash, MetaLoan, MoKash, FairKash, FlashPesa, Flexi Cash, Hikash, iKash, Connect, InstarCash, iPesa, Kash Loan, KashBean, KashPlus, Kashway, KesLoan, Lemon Kash, LionCash, M-Credit.