Cyber Incident Victim: Paratus Namibia Holdings Limited
Date:
Feb 2025
Location:
Namibia
Summary
Paratus Namibia Holdings Limited experienced a cybersecurity incident disrupting internal IT systems and operations, prompting containment measures that involved taking affected systems offline. The company engaged its incident response team alongside international forensic and cybersecurity experts to investigate the breach scope, restore services, and manage risks while adhering to regulatory reporting obligations. This incident follows a separate ransomware attack on Telecom Namibia involving data exfiltration of sensitive customer records by the Hunters International group.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Paratus Namibia Holdings Limited publicly confirmed a cybersecurity incident on February 1, 2025, through a filing submitted to the Namibia Securities Exchange. The telecommunications provider disclosed the detection of unauthorized activity within its internal IT systems, which disrupted specific information systems and consequently impacted company operations. Upon identifying the breach, Paratus Namibia implemented its business continuity response plans by immediately isolating all affected systems from the network to contain the intrusion. This containment action enabled technical teams to initiate forensic examinations while minimizing further operational degradation. The company mobilized its internal incident response team alongside independent international experts specializing in legal compliance, digital forensics, and cybersecurity remediation to assess the breach scope and coordinate restoration efforts. These combined teams operated continuously to prioritize system recovery according to risk-managed protocols aligned with industry best practices, focusing on methodically bringing services back online without compromising investigation integrity or reintroducing vulnerabilities.
Paratus Namibia emphasized its commitment to safeguarding confidential data and promptly fulfilling regulatory obligations by reporting the incident to relevant authorities, though specific agencies were not named in the disclosure. Ongoing investigations prevented the release of detailed findings regarding attack vectors, data compromise, or threat actor attribution at the time of the announcement. The company pledged to provide stakeholders with material updates as the inquiry progressed, consistent with legal requirements. This incident occurred shortly after Telecom Namibia’s January 2025 ransomware attack by the Hunters International group, which resulted in the confirmed theft of 626.3GB of sensitive customer records including identification documents and physical addresses. While Paratus Namibia’s statement did not specify whether data exfiltration occurred or if ransomware was deployed, its disclosure highlighted operational disruptions rather than confirmed data loss, distinguishing it from the explicitly quantified breach at Telecom Namibia. Restoration timelines and financial impacts remained undisclosed as technicians continued system recovery and forensic analysis.