South African justice department clueless about hacked data
It’s not exactly the headline you’d want for your agency, but that’s what MyBroadband came up with for this report by Myles Illidge:
The Department of Justice and Constitutional Development (DoJ&CD) has no idea whether any data was stolen during a ransomware attack on its systems in September 2021.
“The Department cannot tell with certainty as to what happened to the compromised information,” justice minister Ronald Lamola said in response to written questions from the DA’s Glynnis Breytenbach.
“As at 1 December 2021, the analysis and/or forensic investigation is still inconclusive in terms of the exact nature of the information that was sent outside of the Department as part of the breach,” Lamola stated.
Read more at MyBroadband.
The more of the report I read, the more accurate the headline actually sounds. The government did not try to decrypt the encrypted files because they did not have the decryption key. It is not clear if they every reached out to NoMoreRansonware to see if there was any help to be had, but they report that they were able to restore from backups anyway.
Does anyone know who the threat actors were or the type of ransomware in this case?