Information Regulator of South Africa concerned by breaches and ransomware attacks

security breaches ransomware south africa

The Information Regulator of South Africa has said it’s concerned by the number of security breaches in South Africa. This follows a ransomware attack on the Department of Justice and Constitutional Development (DOJ&CD) and other incidents.

Last week, the DOJ&CD confirmed that its systems were compromised by ransomware. The malware took down the department’s website and IT systems.

“Even more concerning is that this security breach did not only interrupt the DOJ&CD’s IT systems, but also impacted on the work of the Information Regulator which relies on the DOJ&CD’s IT systems for its own operations,” the IR said in a statement.

“As a result of this security breach the Regulator’s website was temporarily unavailable (for three days), and the e-mail system went offline and remains unavailable.”

The IR has since written to the DOJ to seek details on the impact of the breach.

Meanwhile, Regulator Chairperson Advocate Pansy Tlakula said that the body is concerned by the number of breaches occurring in the country.

“In August alone, 38 responsible parties suffered, and reported, security breaches,” she said.

She reminded that under POPIA laws, responsible parties need to notify data subjects if their data has been compromised. She also noted that data needs to be reasonably protected.

“Responsible parties are reminded of their obligation under POPIA to secure the integrity and confidentiality of personal information of data subjects by taking appropriate, reasonable technical and organisational measures to prevent unlawful access to or processing of personal information,” she said.

“Failure to do so has legal consequences.”

Information Regulator still affected by ransomware attack

The Regulator noted that it is still affected by the DOJ’s breach.

All electronic services, including emails, applications, and complaints are still unavailable.

It also said that no signs of data compromise were found yet.

In July, Transnet was also hit by a cyberattack that affected its port operations. This resulted in the state-owned company declaring a period of force majeure which took effect from 22 July to 2 August.

Publicised attacks on state and state-owned entities like these have raised concerns around cybersecurity preparedness in the country.

However, ransomware bringing companies and state departments to a standstill have increasingly made headlines around the world.

This includes the US Colonial Pipeline and the Irish Health Service Executive in May.

Read more: SARS MobiApp currently unavailable for Android users

Feature image: Memeburn

Megan Ellis


Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.