[BreachExchange] Department of Labour employee arrested in connection with cyber attack

Destry Winant destry at riskbasedsecurity.com
Tue Jan 28 10:17:03 EST 2020


https://www.htxt.co.za/2020/01/27/department-of-labour-employee-arrested-in-connection-with-cyber-attack/

An employee who executed a hack on the Department of Employment and
Labour (DEL) was arrested at the weekend.

The employee allegedly attacked a DEL server on 21st January. The
Compensation Fund Anti-Corruption and Integrity Management team was
alerted and an investigation was started by the Compensation Fund
Cyber Crime team.

“The hacker hacked more than 300 employees, which resulted in their
logon details being compromised for malicious purpose,” the department
said in a statement.

“The Compensation Fund Cyber crime team attended to the incident and
have been able to identify one of the employees. The arrested employee
was stationed at the Sandton Labour Centre. The suspect was arrested
on Friday 24 January,” it added.

This is rather big news as despite several hacks grabbing local
headlines, this is the first were we’ve seen news of an arrest.

Back in 2017 a trove of data including ID numbers of South Africans
was leaked online. To date there have been no arrests in regards to
this leak.

Just last year City of Joburg’s network was breached forcing the
municipality to shut several services down. While an international
hacking group was said to be responsible for that hack, there was no
arrest made in that instance either.

This news from DEL then is good but what we’d really like to see in
2020 is more local firms taking cybersecurity seriously.

That includes keeping affected customers informed about the state of
investigations and the outcome of said investigations.

For instance, it has been nearly two years since Liberty customer data
was taken by cyber criminals in a hack and customers still have no way
of knowing what data was taken and what risks they face.

We never thought we’d say it but perhaps local companies need to take
advice from government on how to respond to cybercrime.


More information about the BreachExchange mailing list