Cyber Incident Victim: V-Report

On February 11, 2016, members of the Anonymous hacktivist collective breached V-Report (v-report.co.za), a South African job portal, as part of their #OpAfrica campaign. The attackers exfiltrated data on over 33,000 job seekers but selectively leaked only records belonging to 54 government employees across 15 state departments and agencies. The leaked records contained names, government-issued email addresses, and national ID numbers of officials from critical institutions including the Department of Home Affairs, National Treasury, Parliament, Police Service, and the Presidency's Office. Anonymous justified this targeted disclosure as retaliation against the South African government's alleged inaction regarding systemic child labor practices by local and foreign corporations. The group framed the attack as an awareness-raising measure about broader African socioeconomic issues including government corruption and Western corporate influence.

The incident represented one phase of a coordinated #OpAfrica initiative that had previously targeted Rwandan and Ugandan entities earlier in February 2016. Shortly after the V-Report breach disclosure, Anonymous expanded their campaign by compromising the South African Government Communication and Information System (GCIS), leaking personal details of over 1,500 additional government employees. This secondary breach exposed real names, email addresses, and MD5-hashed passwords. The attackers emphasized their selective targeting by stating they withheld non-governmental user data to avoid harming "innocent citizens." No containment measures or organizational responses from V-Report or the affected government entities were documented in the available records. The dual breaches collectively demonstrated the campaign's focus on credential exposure and identity documentation compromise across multiple tiers of South Africa's civil infrastructure.