Cyber Incident Victim: Bank of Africa Mali
Date:
Feb 2023
Location:
Mali
Summary
Bank of Africa Mali experienced a cyberattack targeting its local messaging service and certain workstations, which was promptly contained by securing access to its information systems and user accounts. The institution confirmed no compromise of core banking or payment systems, ensuring protection of client, employee, and partner data, with no financial losses incurred. Regulatory authorities in Mali and Morocco were notified, and legal proceedings were initiated with Malian judicial authorities following the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around February 1, 2023, Bank of Africa Mali (BOA Mali) experienced a cyberattack targeting its information systems through its local email service and several local workstations. The bank detected unauthorized intrusion attempts and immediately implemented containment measures to neutralize the threat. According to its official statement, BOA Mali secured access to its information systems and user accounts to prevent further compromise. The attack was confined to peripheral systems, with no penetration into the core banking infrastructure or the monetic system responsible for payment processing. This containment prevented attackers from accessing sensitive financial operations or transactional data. BOA Mali confirmed that customer, employee, and partner data remained protected throughout the incident due to the isolation of critical systems from the breach. Initial assessments indicated no direct financial losses resulting from the attack, as the intrusion did not progress to stages enabling fund transfers or account manipulation.
Following the containment, BOA Mali notified regulatory authorities in both Mali and Morocco, specifically the Central Bank of West African States (BCEAO) and Bank Al Maghrib, in accordance with cross-border banking oversight requirements. The bank also filed a formal legal complaint with Malian judicial authorities to initiate an investigation into the incident’s origins and perpetrators. Internal reviews affirmed that operational continuity was maintained without service disruptions to clients, as critical banking functions operated independently of the compromised email and workstation entry points. No additional technical specifics regarding attack vectors, malware, or threat actor attribution were disclosed publicly. The incident underscored the bank’s reliance on segmented network architecture to limit lateral movement during security breaches while highlighting email and endpoint systems as initial attack surfaces requiring reinforced defenses.