South African pension fund attack admitted by LockBit

LockBit returns after takedown with new extortion threats

South Africa's Government Employees Pension Fund, which is the largest fund of its kind in Africa, was claimed to have been compromised by the LockBit ransomware operation in an intrusion last month that resulted in operational and pension payment disruptions, according to The Record, a news site by cybersecurity site Recorded Future.

Such claims are already under investigation, noted a GEPF spokesperson, who added that the country's Government Pensions Administration Agency initially informed the fund that its systems had been spared from a breach. "GPAA has reconfirmed that preventative action was taken when it became aware of the attempted access to its systems which included 'shutting down' all systems to isolate affected areas. GPAA further confirmed that pension payments are not affected," the spokesperson said. LockBit's admission of attacking GEPF comes after the ransomware gang sought to restore its operations following a takedown last month. However, cybersecurity experts Valery Rieb-Marchive and Allan Liska said that new attacks being claimed by LockBit have been "recycled" from before its dismantling.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.