Sensitive data leaked after Namibia ransomware hack
- Published
Namibia's state-owned telecoms company has fallen victim to what is known as a ransomware attack resulting in the leak of sensitive customer data, including reportedly information about top government officials.
Telecom Namibia said the data had been released after it refused to engage with a group of hackers known as Hunters International.
The company said that it is now investigating how such a massive breach of its system occurred.
Outgoing President Nangolo Mbumba has condemned the cyberattack.
He called for it be dealt with the "urgency it deserves", adding that cybersecurity was a matter of national security, his spokesman Alfredo Hengari was quoted by The Namibian newspaper as saying.
Local media reported that the hackers stole nearly 500,000 pieces of information including personal and financial data belonging to ministries, senior government officials and other company clients.
In a statement on Monday, Telecom Namibia said that it only discovered last Friday that some of its customers' data had been leaked onto the dark web.
Chief executive Stanley Shanapinda said the hackers made the stolen data public after Telecom Namibia said it was not willing to negotiate with them over the ransom that was demanded.
He added that at first seemed that no sensitive information had been compromised.
Sensitive customer records, including personal identification details, addresses, and banking information are said to have leaked and shared on social media.
Telecom Namibia has said it is working with security officials to "minimise any further exposure and bring the criminals to justice".
The company has in the meantime warned that people should not share any of the leaked information.
"We caution that anyone that uses and/or circulates any personal information that has been leaked will be committing a criminal offence," Mr Shanapinda said.
The company has also urged customers to change passwords on their personal devices and avoid making money transfers in suspicious circumstances.
Ransomware is malicious computer software that locks up data and devices until a ransom is paid.
Like in the Telecom Namibia's case, ransomware hackers typically ramp up pressure for the victims to transfer funds, usually in in cryptocurrency to an anonymous digital wallet.
The hackers will likely set a deadline by which the money should have been transferred, or else they leak potentially sensitive data to the public.
Mr Shanapinda said in an interview with local media that the company would not "negotiate with cyber-terrorists".
"We know the sums they're asking for are exorbitant and unaffordable, so there's no reason to even consider discussing it. And even if you do pay a ransom, there's no guarantee the information won't still be leaked," he said.
More on cyber-crime in Africa:
Go to BBCAfrica.com, external for more news from the African continent.
Follow us on Twitter @BBCAfrica, external, on Facebook at BBC Africa, external or on Instagram at bbcafrica, external