Ransomware attack on justice department IT system delays child maintenance payments

A labour department employee has been arrested in connection with a cyber attack on one of the department's servers this week.
A labour department employee has been arrested in connection with a cyber attack on one of the department's servers this week.
Image: 123RF/dolgachov

Child maintenance payments have been  delayed due to the security breach caused by a ransomware attack on the Department of Justice and constitutional development’s IT systems.

“While the department is not able to determine the exact date when the required systems will be restored, it will ensure all child maintenance money is kept secure for payment to the rightful beneficiaries when the systems are back online,” said department spokesperson Steve Mahlangu.

He said the incident had not affected the receipt of child maintenance money from a paying parent or employers who deduct money from staff paying maintenance.

“IT experts from the department, industry partners and selected organs of the state are working together to urgently restore the systems affected by the ransomware attack, including MojaPay.”

The department said it would give priority to the MojaPay system to minimise the inconvenience experienced by maintenance beneficiaries.

“The IT experts have thus far managed to come up with an alternative email system for better co-ordination of the department’s crisis response plan.

“Staff members at various levels have been migrated to the new email solution. The departmental website has also been restored to be able to publish updates regarding services to the public,” Mahlangu said.

“The Masters’ offices are currently, as an interim measure, using a manual process to provide bereaved families in exceptional cases, where there is a need to access funds from the deceased’s banking account for burial costs. No manual letters of executorship or authority will be issued in this crisis period.”

The Information Regulator SA expressed concern over the security breach which also affected its own operations.

“As a result of this security breach the regulator’s website was temporarily unavailable [for three days], and the email system went offline and remains unavailable,” the regulator said.

It has written to the department to get details about the affect of the breach.

“It is very unfortunate this breach has occurred. As the regulator we are concerned about the high number of security breaches in SA,” said the chairperson of the regulator, advocate Pansy Tlakula.

She said in August, 38 parties suffered security breaches.

“Responsible parties are reminded of their obligation under the Protection of Personal Information Act to secure the integrity and confidentiality of personal information of data subjects by taking appropriate, reasonable technical and organisational measures to prevent unlawful access to or processing of personal information. It is our role to ensure personal information is processed safely and securely. Failure to do so has legal consequences,” she said.

TimesLIVE


subscribe