Statistics South Africa has confirmed that its human resources database was compromised in a cybersecurity breach, exposing personal information of job applicants and raising fresh concerns about the vulnerability of government digital infrastructure.
The breach, which granted unauthorised access to the agency’s online job application system, forms part of a growing pattern of cyber attacks targeting South African public institutions. StatsSA acknowledged that data contained in the HR system was compromised during the incident.
A cybercrime group known as XP95 has claimed responsibility for the attack, alleging they stole more than 450 000 files totalling 154GB of data. The group has demanded a ransom of $100 000 (approximately R1.7 million) from the statistical agency.
StatsSA has confirmed it will not pay the ransom and will instead follow legal processes outlined by the Information Regulator and the Public Finance Management Act.
ALSO READ: Vietnam arrests over 300 in major Cambodia cybercrime bust
The Public Servants Association has expressed deep concern over the breach, warning that citizens now face increased risks of identity theft, fraud and misuse of personal information.
“The PSA views this breach as a serious warning about the vulnerability of government systems, particularly those hosting sensitive personal information of citizens and job seekers,” the union said in a statement.
The association called the incident part of a growing pattern of cyber attacks against public-sector digital infrastructure, highlighting the urgent need for a comprehensive cybersecurity overhaul across all government departments.
ALSO READ: Four nabbed in Bothasig for cyber-fraud
Cybersecurity experts have noted that repeated breaches across government entities reflect long-standing weaknesses in outdated systems, inadequate patching and insufficient safeguards.
The PSA has urged government to prioritise modernising digital infrastructure, strengthening monitoring and detection capabilities, and ensuring all departments adopt robust, standardised cybersecurity frameworks.
The union is also calling for urgent investment in training public-sector employees on cyber hygiene, full enforcement of consequence management measures, and the establishment of a coordinated national cybersecurity response unit.
“A coordinated national cybersecurity strategy must be developed as a matter of urgency,” the PSA stated.
The breach at StatsSA follows similar incidents at other government departments, raising questions about the security of sensitive data held by state institutions and the readiness of South Africa’s public sector to defend against increasingly sophisticated cyber threats.
ALSO READ: South Africa becomes Africa’s top cyber target as AI-driven attacks surge
