Customers’ data safe, Paratus says after hacking

PARATUS Namibia says customers’ personal data is safe after the company was hacked last week.

The company last week reported a cybersecurity breach that compromised 84 gigabytes of data.

They are the second telecommunications company to experience a security breach after Telecom Namibia (TN) was hacked, compromising the personal data of more than 600 000 Namibians, including high-ranking officials and government ministries, in December last year.

Paratus’ data was compromised via a cyber attack by Arika, a globally known cyber-criminal group that emerged in March 2023.

This attack comes just two months after Telecom was hacked and another data breach was reported at Standard Bank.

Paratus managing director Andrew Hall says although there has been an attack, customer data stored in the company’s cloud-hosted backup solution remains protected by encryption, rendering it inaccessible to external parties.

“We regret to announce that we have fallen victim to malicious actors operating for their own gain. Nonetheless, we are taking a firm stance against this criminal act and wish to provide our stakeholders with a clear update on the situation,” he says.

In a statement issued on Wednesday evening, Paratus said the attack has disrupted some of its information systems, disrupting operations as a result.

“The company would like to advise its stakeholders that it detected unauthorised activity on its internal information technology system and that it is currently managing the cyberattack,” read the statement.

The company said it is continuing investigations to determine the scope of the attack.

“This combined team has been working around the clock to bring the affected systems back online on a risk-managed basis in line with best practices,” Paratus said.

The Communications Regulatory Authority of Namibia (Cran) through the Namibia Cyber Security Incident Response Team (Nam-CSIRT), has started its own investigation into the incident.

“Nam-CSRIT acknowledges the cyber incident affecting Paratus Namibia Holdings. Given the sensitive nature of the matter, Nam-CSIRT has launched an independent investigation. Nam-CSIRT will provide an appropriate update in due course,” says Cran spokesperson Mufaro Nesongano.

Bank of Namibia governor Johannes !Gawaxab during a chief executive roundtable engagement says there should be stricter regulatory frameworks to combat rising cybersecurity threats while ensuring the responsible adoption of artificial intelligence in the financial sector.

“Regulatory measures essential for financial stability must remain uncompromised. However, we must also ensure that the financial system serves as an engine for economic growth by facilitating lending and investment,” said !Gawaxab.