Lockbit group has claimed responsibility for an attack on the pension fund of civil servants in South Africa, resulting in organizational disruption and a halt in pension payments.
The Government Pensions Administration Agency (GPAA) oversees the management of funds for the Government Employees Pension Fund (GEPF), which is the largest pension fund in Africa, catering to approximately 1.7 million public servants, pensioners, as well as their spouses and dependents.
Initially, GPAA stated that there was no breach of data protection following the cyber attack on February 16. However, on March 11, Lockbit released some GPAA data, and it was subsequently revealed the next day that some GPAA systems had been compromised.
A representative from GEPF informed Recorded Future News that GPAA is investigating the alleged data breach and its impact on GEPF. They assured that measures had been implemented to prevent unauthorized access to systems, such as disconnecting and isolating affected network areas. GPAA also confirmed that the pension payment system remained unaffected.
The GEPF representative mentioned ongoing collaboration with GPAA and the National Treasury of South Africa to verify the legitimacy and impact of the reported data breach, with a promise to provide further updates in the future.
Earlier reports from local media detailed how pension payments were not made to recipients from February 12, and the organization’s offices were closed from February 16 to 21 due to an attempted unauthorized access to the systems. Following these incidents, services at regional offices were restored, and GEPF reassured employees and pension beneficiaries of the safety of their personal information, asserting that the administration system had not been compromised.