There’s been a data breach on a provincial government website. This has been confirmed in an e-mail by the Secretary to the Provincial Parliament.
The e-mail reads, “On 23 May 2023, the Western Cape Provincial Parliament’s network and information and communications technology (ICT) systems were compromised by a malicious attack. This matter has been reported to the South African Police Service and the State Security Agency.”
Western Cape Government Data breach
While progress has been made in restoring the Provincial Parliament’s ICT infrastructure, the forensic auditors contracted by the Provincial Parliament have advised that a worst-case-scenario assumption should be adopted in respect of whether its data has been compromised by the cyberattack. To this end, the WCPP is proceeding on the assumption that some or all of its data has or may have been leaked.
This also applies to personal information, such as names, email addresses, telephone and cellphone numbers, identity numbers, bank account information, and financial statements, held by the WCPP. This creates a heightened risk for the abuse of personal information.
Data could have been leaked
WCPP stakeholders, including participants in WCPP events, media representatives, members of the Cape Town consular corps, job applicants and service providers, are therefore advised to exercise vigilance in respect of their personal information.
Please consider the following practical advice to protect your identity and to improve your personal security:
1. Change the passwords for all your critical online accounts, particularly those related to your finances and those containing sensitive information. Enable two-factor authentication wherever possible. Do not use the same password for your online accounts. Do not use easily guessable passwords.
2. Actively monitor your bank accounts and statements. Keep a close eye on your bank and credit card statements for any unauthorised transactions or suspicious ac??vi??es. Report any anomalies to your financial institutions promptly.
READ MORE: Understanding cyber security
3. Be cautious of phishing attempts. Scammers may try to exploit the situation by sending phishing emails or making fraudulent calls. Be vigilant and avoid clicking on suspicious links or providing personal information over the phone unless you are certain of the caller’s authenticity.
4. Pay special attention to your online profiles (including Facebook, Twitter and LinkedIn) and be cautious of strangers contacting you unexpectedly, even if they seem to know quite a bit about your personal circumstances (social engineering techniques).
MORE ABOUT: Let’s use the law to protect out private information
5. Consider identity theft protection services (for example TransUnion). Evaluate whether subscribing to an identity theft protection service could be beneficial for you. These services can help monitor your personal information and notify you in the event of potential identity theft incidents or applications for credit using your personal details.
6. Ensure that your communication devices, including computers and smartphones, have up-to-date security software and operating systems. Regularly apply patches and updates to minimise vulnerabilities.
Data breach probe underway
The email further states, “Unfortunately, we do not know what or whose personal information may have been breached. We understand that any access to personal information is concerning and we therefore encourage all our stakeholders to follow the practical advice provided above and to be extra vigilant.”
The WCPP is working tirelessly to address the security concerns caused by the cyberattack and to reduce any risks to our stakeholders.
THE ABOVE ARTICLE WAS SENT OUT BY THE PROVINCIAL GOVERNMENT.
NOTICE IN ACCORDANCE WITH SECTION 22 OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (ACT 4 OF 2013)