Cyber Incident Victim: South African Social Security Agency

In 2019, the South African Social Security Agency (Sassa) was alerted to a security breach involving the compromise of master keys associated with its social grant payment cards. These cards, issued by the South African Post Office (SAPO) on behalf of Postbank, functioned as bank cards for beneficiaries collecting grants through post office channels. The breach occurred within the bank environment, though specific technical details regarding the compromise method or perpetrator were not disclosed in available reports. Following the discovery, the South African Reserve Bank (SARB), as the regulator of the National Payment System, determined the cards posed an ongoing risk due to the exposed cryptographic keys. In late 2019, SARB mandated the replacement of all existing Sassa cards to mitigate potential fraud or unauthorized transactions stemming from the key compromise.

The incident necessitated a large-scale card replacement initiative impacting an unspecified number of social grant recipients reliant on the Sassa-Postbank system. Minister of Social Development Lindiwe Zulu confirmed in December 2020 parliamentary responses that the government was engaged in stakeholder discussions to execute this replacement, acknowledging the breach’s origin within banking infrastructure rather than Sassa’s direct systems. No publicly reported evidence indicated fraudulent transactions or direct financial losses to beneficiaries prior to the replacement order, though the cryptographic vulnerability inherently threatened payment integrity. The response centered on card reissuance through SAPO and Postbank partnerships, with SARB overseeing compliance due to its statutory payment system authority. This operational transition aimed to deactivate compromised cards and restore secure payment channels for grant distribution, though timelines for full replacement completion remained unspecified in disclosed records.