Estimated reading time: 2 minutes
At least 1 200 files, including the names, banking details, and contact details of those who have submitted personal information to the Department of Justice, may have been compromised. This was during a ransomware attack on the department’s IT systems in September.
According to the department’s Director-General Advocate, Doctor Mashabane, the ransomware attack left all the department’s information systems encrypted and unavailable. Following this, the department later recovered some functionality on its maintenance payment system.
Mashabane explains, “Since the breach occurred, the department analysed the nature and extent of the breach, and has found that there might be personal information that has been accessed or acquired by an unauthorised person/institution, whose identity is currently still unknown.”
He added that the consequences of the breach are the selling of personal information and its use for unlawful purposes.
The Director-General said that those who may have used the department’s services are requested to:
- Review their financial accounts and bank statements;
- Keep an eye on bank notifications in terms of purchases made and
- Inform law enforcement of any suspected or actual act if identity theft occurs.
Mashabane said the department had introduced measures to prevent a similar attack and strengthen its IT security, including:
- Enhancing access control measures;
- Upgrading of IT defensives measures and
- Upgrading of anti-virus and anti-malware software.
“The department will ensure that all those who may be affected are kept up to date with regard to further investigations of the nature of the personal information that was compromised.”
What are your thoughts on the matter? Share your views in the comment section below.