Sassa refutes hacker group’s claim to use stolen identities for social grants

South Africans urged to take preventative steps

The South African Social Security Agency (Sassa) is confident its information is protected after a notorious hacker group, known as N4ughtySecTU, threatened to release information, claiming it was able to claim grants using stolen identities.

Sassa spokesperson Andile Tshona confirmed to Sowetan's sister publication TimesLIVE that the agency is aware of the claims of a potential data breach linked to the international hacker group. He said the group had not directly contacted Sassa. 

While the group has claimed to be using stolen identities to make fraudulent applications for social grants, there is no indication that Sassa’s system has been compromised.

“We have stringent measures in place to protect clients' data,” he said, adding Sassa’s cybersecurity protocols are robust in preventing data breaches.

He urged South Africans to take proactive steps in protecting their identities.

"Unfortunately, criminal activity such as identity theft compromises the victims of fraud. This will make it harder for them to apply for a social grant or any other financial service in the future," he said.

The N4ughtySecTU group has been involved in previous high-profile cyberattacks. The group is believed to be responsible for stealing sensitive data from TransUnion, one of South Africa’s major credit bureaux. The hackers demanded a $15m (R224m) ransom in cryptocurrency but TransUnion refused to comply following advice from the government and cybersecurity experts.

TimesLIVE