We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Front Page News, National

Telecom hit by massive cyberattack … over 400 000 files ‘leaked’ 

2024-12-162024-12-16By Paheja Siririka
Telecom hit by massive cyberattack … over 400 000 files ‘leaked’ 

Telecom Namibia has been hit by a cyber incident involving customers’ data leaks.

Since then, the company has been assessing the full scope and extent of the attack with the help of local and international cybersecurity experts.

CEO Stanley Shanapinda said Telecom Namibia is committed to addressing this matter responsibly, and will issue a detailed statement soon.

“As cyber incidents have become widespread and a common occurrence, we have recently identified and, in time, successfully contained a cyber reconnaissance mission, thanks to our advanced incident monitoring and detection systems and protocols as per our updated cybersecurity policies and controls,” he stated in a ‘confidential’ communique.

On 11 December 2024, Telecom Namibia fell victim to a ransomware attack, allegedly orchestrated by a group known as Hunters International.

This ransomware-as-a-service operation exfiltrated an estimated 626.3GB of data, comprising 492,633 files.

Yesterday, Communications Regulatory Authority of Namibia (Cran) CEO Emilia Nghikembua said they take cybersecurity very seriously.

“Through the Namibia Cyber Security Incident Response Team (NAM-CSIRT), Cran promptly responded upon identifying the attack, and continues to support the affected operator in mitigating its impact,” she added.

Nghikembua highlighted that while Namibia does not yet have a dedicated cybercrime and data protection law, Cran, through NAM-CSIRT, ensures compliance with international best-practices. “The NAM-CSIRT encourages operators and all owners of CI and CII to adopt internationally-recognised best-practices, including encryption and regular security assessments, to enhance cybersecurity resilience,” she stated. It is thus crucial for all stakeholders to invest in proactive cybersecurity measures as the protection of national critical infrastructure requires collective action, strategic planning and a commitment to compliance with global standards.

Nghikembua encouraged stakeholders to swiftly report any incidents to NAM-CSIRT to ensure timely and effective incident handling and support.

Commenting on the incident, IT risk expert Thomas Hamata said the Telecom cyberattack is a reminder of the stakes in today’s digital landscape. For businesses, cybersecurity is no longer optional – it is a foundational requirement.

This incident also highlights the pressing need for Namibia to enforce its Data Protection Act, as the lack of statutory penalties may embolden poor data security practices across organisations. “The attackers set a ransom deadline, threatening to release the stolen data if their demands were not met. When the deadline passed, hundreds of sensitive customer records, including IDs, addresses and banking details were leaked, and began circulating on social media,” said Hamata.

He added that Namibia’s Data Protection Act, which could impose significant fines and penalties for such data breaches, has not yet been enforced, leaving customers with limited recourse under statutory law. However, common law principles may allow for claims of damages due to negligence in safeguarding data.

He added: “For Telecom customers, this breach is more than a corporate cybersecurity failure – it’s a personal privacy crisis. Leaked data could expose individuals to identity theft, financial fraud and phishing scams. Sensitive information like bank account details, personal IDs and contractual records are now potentially accessible to malicious actors on the dark web.”

Hamata said the breach furthermore raises broader questions about organisational responsibility and the long-term risks to customers, and that public circulation of this data on social media increases the likelihood of targeted phishing attacks, where cybercriminals use leaked information to craft convincing scams aimed at stealing even more personal or financial details. “These attacks could lead to severe financial and psychological consequences for affected individuals, including long-term damage to their financial security and creditworthiness. This cyberattack serves as a stark reminder of the steps businesses must take to protect their systems and customers’ data from increasingly sophisticated threats,” he observed.

psiririka@nepc.com.na

MENU