Hackers infiltrate South Africa's business registry

Unfortunately, certain personal information of clients and CIPC employees was unlawfully accessed and exposed

Hackers infiltrate South Africa's business registry
Photo by Caspar Camille Rubin / Unsplash

The body responsible for registering and protecting the rights of businesses in South Africa, the Companies and Intellectual Property Commission (CIPC), which falls under the Department of Trade, Industry, and Competition, has been cyber-attacked.

In a media statement released on 29th February, the CIPC said it noticed that its database suffered an "attempted" security breach targeting the personal information of its clientele and employees. However, the registry does not say how much information has been compromised.

"Our ICT technicians were alerted, due to extensive firewall and data protection systems in place at the CIPC, to a possible security compromise, and as a result, certain CIPC systems were shut down immediately to mitigate any possible damage," a part of the communique says.

Set up in 2008, the CIPC profiles millions of South African companies, both private, public, and closed establishments. Apart from registering firms and monitoring domestic entities' compliance with Company and Intellectual Property Law, the agency exists to ease doing business.

While there is no indication by the commission as to why the cyberattack happened or who is responsible, apparently the situation was not averted early enough to prevent the exposure of data.

That puts the names, addresses, and contact numbers of directors/owners of enterprises, as well as those of patents and trademark holders, in the wind.

"Unfortunately, certain personal information of our clients and CIPC employees was unlawfully accessed and exposed. CIPC clients are urged to be vigilant in the monitoring of credit card transactions and ONLY approve/authorize known and valid transaction requests. The extent of the exposure is being investigated and will be communicated as soon as possible," the agency says.

"The CIPC recognizes the importance of the consistent availability of our systems and the safeguarding of information that is not in the public domain, and is working actively to minimize the impact on the CIPC clients and employees," it reckons.

This is the umpteenth time the government is on the receiving on of a cyber offensive. In the past year, the Department of Defense, the Western Cape Provincial Parliament (WCPP), the Council for Scientific and Industrial Research, and even President Cyril Ramaphosa have been involved in similar break-ins.

Since the emergence of the coronavirus pandemic, the South has witnessed an increase in cybercrime. The most targeted country in Africa, more than half of its local ventures have been affected by ransomware in the last few years.

Get weekly insights on tech startups and VC in Africa

Join Us On Telegram