Esquire Online, a division of Esquire Technologies South Africa, confirms that it has identified and contained a security incident involving unauthorised access to part of its online ordering platform.
The incident was detected on Friday, 24 April 2026, and involved access to part of the company’s Syndicated API data feed SQL database associated with its online ordering system.
Esquire Online confirms that its primary database and all financial systems remain fully secure and were not affected.
The information potentially accessed is limited to online order-related data, including company names, email addresses, and order history. The company assures customers that no sensitive personal or financial information – such as identity numbers, banking details, or payment information – has been compromised.
There is currently no evidence to indicate that user passwords were accessed or compromised. Clients are being advised to update their passwords purely as a precautionary measure and as part of best security practice.
While there have been attempts by unauthorised third parties to exploit the situation, Esquire Online states that it has not engaged with such actors. The matter is being handled in consultation with cybersecurity specialists.
In line with its legal obligations under Section 22 of the Protection of Personal Information Act (POPIA), Esquire Online has formally notified the Information Regulator South Africa and will be cooperating fully with its requirements.
“We sincerely regret any concern this incident may have caused,” says Mahomed Cassim, CEO of Esquire Technologies South Africa. “We acted swiftly to contain the issue and are fully committed to protecting our clients and strengthening our systems.”
Esquire’s chief technology officer, Reza Mahomed, adds: “Our teams have moved quickly to isolate the affected systems and implement additional safeguards. We remain focused on ensuring the resilience and integrity of our platform.”