Bail services affected in South Africa after ransomware attack
Image: Tim Johnson
Catalin Cimpanu September 11, 2021

Bail services affected in South Africa after ransomware attack

Bail services affected in South Africa after ransomware attack

A ransomware attack has taken down several IT services for the Department of Justice and Constitutional Development of South Africa, including systems handling the department’s emails and national bail services.

The incident took place on the evening of September 6, this past Monday, the department said in a public statement.

“This has led to all information systems being encrypted and unavailable to both internal employees as well as members of the public,” DOJCD officials finally revealed on Thursday, after days of keeping citizens in the dark about a prolonged outage.

“As a result, all electronic services provided by the Department are affected, including, issuing of letters of authority, bail services, email, and the departmental website,” officials added.

“Child Maintenance payments for month-end have already been processed and will therefore not be impacted by the current system outage.”

Officials said they’re currently using manual processes to keep court activity going and release the necessary documentation for bereaved families who need to bury their loved ones.

The DOJCD has not named the ransomware gang behind the attack, and no group has publicly claimed responsibility for the incident.

News of the attack comes after, on Monday, the South African National Space Agency (SANSA) disclosed a security breach of its own, admitting that files containing personal records of past SANSA students were accidentally left on a public FTP server.

The files were discovered by a threat actor named the CoomingProject, who attempted to extort the agency before leaking the files on their website after the extortion failed. The files have now been removed from the group’s public website.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.