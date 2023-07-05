1h ago

Share

Department of Justice fined R5m for not beefing up cyber security after 2021 data breach

accreditation
William Brederode
0:00
play article
Subscribers can listen to this article
The Information Regulator said that the Department of Justice hasn't renewed it's cybersecurity licenses despite being sent an enforcement notice requiring it to.
The Information Regulator said that the Department of Justice hasn't renewed it's cybersecurity licenses despite being sent an enforcement notice requiring it to.
Kacper Pempel/REUTERS
  • The Information Regulator has fined the Department of Justice and Constitutional Development R5 million for failing to beef up it's cyber security software after a 2021 data breach.
  • The department was given a month to renew it's cyber security licences, some of which expired in 2020.
  • The regulator claimed that this had resulted in the loss of 1 204 files from the department's system.
  • For more stories, visit the Tech and Trends homepage.

The Information Regulator has fined the Department of Justice and Constitutional Development R5 million after it failed to comply with an enforcement notice requiring it to beef up its cyber security software following a 2021 data breach.

The regulator claimed that the department had violated the Protection of Personal Information Act (POPIA), adding that a failure to "place adequate technical measures" to monitor and detect data breaches of their system resulted in the loss of 1 204 files from the system.

This conclusion followed a "full investigation" by the regulator, according to Nomzamo Zondi, senior manager for communications and media at the Information Regulator.

Through the investigation, the regulator found that some mitigation measures to protect the personal information of the department had taken place, but there were "gaps" in these measures, said Zondi.

Chief among these, were cybersecurity software licenses that had not been renewed by the department since 2020.

The Information Regulator claimed that the 2021 file loss stemmed from the failure of the department to renew these licenses.

Owing to this, the regulator submitted an enforcement notice to the department, requiring it to renew its security information and event management (SIEM) licences, which it said are required to monitor unusual behavior on the network and keep a backup of log files.

In terms of Section 95 of POPIA, the regulator may submit an enforcement notice which requires the responsible party to take specified steps or to refrain from taking specified steps when it is satisfied that the party has interfered or is interfering with the protection of personal information of a data subject.

The enforcement notice was submitted on 9 May and required the department to submit proof to the regulator that it had renewed its Trend Anti-Virus licence, the SIEM licence and the Intrusion Detection System licence within 31 days.

It also required the department to institute disciplinary proceedings against the officials who failed to renew the licences, which it said were necessary to safeguard the department against security compromises.

It said that the deadline to submit this proof was reached on 9 June, and that no proof had been received to date when it released a notice on 3 July.

The regulator implemented a R5-million administrative fine against the department for its failure to comply with the enforcement notice.

This is the first ever infringement order that the Information Regulator has issued, Zondi told News24.

She said the enforcement powers of the regulator only came into effect about two years ago.

"A lot is being tested," she said.

News24 reached out to the Department of Justice for clarity on its version of events. A spokesperson said that the department has taken note of the new findings of the Information Regulator and the subsequent fine.

The spokesperson said the department is "considering its options" and is not in a position to respond at this stage.

The Sunday Times reported that that the 2021 cyber attack was one of three on the department in the last three years.

In September 2020, R10 million was siphoned from the department by cyber criminals, and in April this year, R18 million was stolen in an identical attack.


We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Read more on:
information regulatordepartment of justicecybersecuritydate breachcyber attack
heading
description
username
Show Comments ()
Lottery
Get the latest numbers.
Full list of lottery results
Voting Booth
What's your view on the recent survey showing 62% of South Africans believe most politicians are corrupt?
Please select an option Oops! Something went wrong, please try again later.
Results
Sounds pretty accurate
24% - 1924 votes
Expected a higher number
74% - 5931 votes
SA corruption is exaggerated
1% - 117 votes
Vote
Previous Results
Podcasts
LISTEN | Unplugged: How Eskom's prepaid electricity update crisis might leave millions in the dark

04 Jul

LISTEN | Unplugged: How Eskom's prepaid electricity update crisis might leave millions in the dark
LISTEN | No pay, no play: A closer look at who is onside in the SAFA and Banyana standoff

04 Jul

LISTEN | No pay, no play: A closer look at who is onside in the SAFA and Banyana standoff
LISTEN | Bling rings, love pentagons and mafia mobs - unmasking Mashatile's millions

03 Jul

LISTEN | Bling rings, love pentagons and mafia mobs - unmasking Mashatile's millions
LISTEN | Missing Titan: Has the rescue mission become a recovery?

26 Jun

LISTEN | Missing Titan: Has the rescue mission become a recovery?
LISTEN | Scam Nation: How fraudsters are finding creative ways to get their hands on your cash

22 Jun

LISTEN | Scam Nation: How fraudsters are finding creative ways to get their hands on your cash
LISTEN | Loftus darling Derick Hougaard is fighting for his life in hospital. What we know so far

21 Jun

LISTEN | Loftus darling Derick Hougaard is fighting for his life in hospital. What we know so far
Listen
Rand - Dollar
18.77
-0.6%
Rand - Pound
23.85
-0.5%
Rand - Euro
20.39
-0.4%
Rand - Aus dollar
12.52
-0.2%
Rand - Yen
0.13
-0.5%
Platinum
917.13
+0.5%
Palladium
1,260.74
+2.0%
Gold
1,919.34
-0.3%
Silver
23.18
+0.9%
Brent Crude
76.25
+2.1%
Top 40
70,587
-0.4%
All Share
75,910
-0.4%
Resource 10
62,451
-0.6%
Industrial 25
105,125
-0.5%
Financial 15
16,166
-0.2%
All JSE data delayed by at least 15 minutes Iress logo
Good News
Gogo, 80, can see again after successful cataract op at rural hospital

29 Jun

Gogo, 80, can see again after successful cataract op at rural hospital
EMPD officers honoured after driving cash-in-transit van, foiling robbery

27 Jun

EMPD officers honoured after driving cash-in-transit van, foiling robbery
PICS | Raise the woof! Cape Town man chains himself to kennel to boost awareness...

24 Jun

PICS | Raise the woof! Cape Town man chains himself to kennel to boost awareness about animal abuse
Flush forward: How one social media post led to eradication of KZN school's pit...

23 Jun

Flush forward: How one social media post led to eradication of KZN school's pit toilets in 3 months
More Good News stories
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Partner Content
WATCH: Award-winning DJ, Prince Kaybee, and his Mac make sweet music together

04 Jul

WATCH: Award-winning DJ, Prince Kaybee, and his Mac make sweet music together
WATCH: 90% of South Africans don’t save enough for retirement

04 Jul

WATCH: 90% of South Africans don’t save enough for retirement
WATCH: How to ramp up your business' e-commerce growth

04 Jul

WATCH: How to ramp up your business' e-commerce growth
Absa Money Makeover: Meet the advisers of 2023

03 Jul

Absa Money Makeover: Meet the advisers of 2023
Find More
GooglePlayLink HuaweiGalleryLink AppleStoreLink
© 2023 (3.0.23185.6) 24.com. All rights reserved.
Terms and Conditions Media24 Privacy Policy Vulnerability Disclosure
Contact us Help with my subscription
Iab Logo