(Withaya Prasongsingh/Getty Images)
- GEPF announced that its administrators were attacked by ransomware on February 16th and their data was compromised.
- The LockBit ransomware group claimed responsibility for the attack.
- GEPF says pension payments will not be affected, but says it is in discussions with the administrator and the National Treasury to establish the impact of the reported data breach.
- For more financial news, visit: News24 Business Top Page.
The Government Employees' Pension Fund (GEPF) has announced that its data has been allegedly compromised in a ransomware attack on its administrator, the Pensions Authority (GPAA).
GEPF, which manages the retirement savings of approximately 1.27 million public servants and more than 473,000 pensioners and other beneficiaries, said on February 16 that an unknown person attempted to access GPAA's systems. He said this was the first time he had received a report.
Although GPAA initially reported that no data breach had occurred, administrators later established that the data had been compromised in a ransomware attack by a group known as LockBit.
“GEPF has received a report from GPAA that a preliminary investigation has determined that certain GPAA systems have been compromised,” the fund said in a statement released Tuesday, a day after certain GPAA data was leaked by Rockbit. issued a statement via email.
“GEPF is extremely concerned about this alleged security breach.”
The GPAA is investigating this apparent data breach and whether it impacts the GEPF, although pension payments have not been affected. In a statement, GEPF said the ransomware attack by LockBit included “shutdown” all systems to isolate the affected area.
Precautionary measures were subsequently taken by the GPAA, the statement added.
“GEPF is working with the GPAA and its regulator National Treasury to establish the veracity and impact of the reported data breach and will provide further updates in due course,” the fund said. “GEPF cannot comment further on this matter until the facts are fully established.”
Mybroadband reported on February 21 that someone had attempted to access the GEPF system, citing anonymous sources who said the fund had not made any pension payments since February 12. The tech-focused news site also cited a notice on the GEPF website at the time that said there had been an attempt to gain unauthorized access to GEPF's systems on February 16, but that the notice said payments had not been affected. It had been.
Various social media and technology websites such as The Record reported on Tuesday that Rockbit claimed responsibility for the ransomware attack on GPAA. According to Wikipedia, LockBit is a cybercriminal group that was first discovered in September 2019 and is responsible for 44% of all ransomware incidents worldwide by 2023.
The GEPF website states that it had accumulated R2.09 trillion in funds and reserves as at 31 March 2021. Defined benefit funds were established in 1996, when various public sector pension funds were combined.
