Statistics South Africa has confirmed a cybersecurity breach affecting its human resources database used by job seekers, with cybercrime group XP95 claiming responsibility. The group has reportedly demanded around R1.7 million in ransom, which Stats SA has refused to pay. Authorities are now working with relevant bodies to assess the full impact of the breach.
Speaking to VOC News, security strategist Andy Mashaile warned that the scale of the breach is significant. “They are looking for 100,000 US dollars for stealing 450,000 files,164 gigabytes of data,” he said. The compromised information includes names, ID numbers, contact details, CVs, and employment histories. “Simply put, high-value identity data,” Mashaile explained.
He cautioned that the stolen data could be used in targeted cybercrime campaigns. “They will be contacting those whose details they have obtained, sending phishing emails, smishing, and vishing,” he said, adding that many individuals could fall victim to scams if they are not vigilant.
Mashaile emphasised the broader implications of the incident, noting that Stats SA plays a critical national role. “This is a very serious data breach, a serious threat to national security,” he said.
The breach has raised concerns about data protection and public trust, highlighting the growing risks posed by cybercrime and the need for stronger safeguards to protect sensitive personal information.
Listen to the full interview below:
VOC News
Photo: Pixabay
