Western Cape Parliament cyber-breach now under Hawks’ radar

While the Western Cape Provincial Parliament (WCPP) says cyber security has been beefed up following a data breach, the Hawks investigation into the matter continues.

While the Western Cape Provincial Parliament (WCPP) says cyber security has been beefed up following a data breach, the Hawks investigation into the matter continues.

Published Jul 6, 2023

Share

While the Western Cape Provincial Parliament (WCPP) says cyber security has been beefed up following a data breach, the Hawks investigation into the matter continues.

WCPP information and communications technology (ICT) services were compromised overnight on May 23 by a malicious attack during which their systems were temporarily inaccessible.

The cybersecurity breach was reported to police and the State Security Agency (SSA) and police.

SAPS confirmed the matter was handed over to the Hawks as it was a “crime against the state”.

Hawks spokesperson, Zinzi Hani, said: “We confirm that the matter is under investigation and at this time we are not going to divulge any further details due to the sensitivity of the matter.”

The SSA did not respond to numerous enquiries by deadline.

The WCPP in June had published a notice in accordance with Section 22 of the Protection of Personal Information Act (Popia), 2013 (Act 4 Of 2013), of a data breach, and advised participants in WCPP events, media representatives, members of the Cape Town consular corps, job applicants and service providers to exercise vigilance in respect of their personal information following the cyber attack.

Forensic auditors contracted by the provincial parliament had advised that a worst-case scenario assumption should be adopted in respect of whether its data has been compromised by the cyberattack and the WCPP was proceeding on the assumption that some or all of its data has or may have been leaked.

WCPP spokesperson Matthys Odendal on Wednesday said an investigation showed that the damage was minimal.

Odendal said a “full forensic audit” was done as part of their investigation and contingency measures to isolate the breach.

“We conducted a full restore of our systems from backups and notified our data subjects as per legal requirements. Existing security systems have and continue to be enhanced and augmented.

“Due to the WCPP’s focus on ICT security we were able to recover from this cyber-attack with minimal/negligible disruption to our operations,” said Odendal.

Earlier this month, the Department of Justice and Constitutional Development was ordered to pay a R5m fine after failing to comply with an enforcement notice after contravening sections of Popia.

On May 9, the Information Regulator issued the department with an infringement notice after a security compromise on its IT systems in September 2021.

The Regulator conducted an own initiative assessment after the data breach and found that the department had failed to put in place adequate technical measures to monitor and detect unauthorised exfiltration of data from their environment resulting in the loss of approximately 1 204 files.

Cape Times