Cyber Incident Victim: Tanzania Telecommunications Company Limited
Date:
Feb 2016
Location:
Tanzania
Summary
Anonymous-affiliated hackers breached Tanzania Telecommunications Company Limited, leaking employee and user data including names, email addresses, phone numbers, departments, job titles, usernames, and password hashes. The attackers claimed to have compromised 64,000 records as part of #OpAfrica, a campaign targeting alleged government corruption, but the company disputed the scale, stating only approximately 1,600 employees existed with later analysis revealing 2,287 unique entries after removing duplicates. While the breach originated from the organization's website, the victim denied server intrusions despite evidence of the data dump. The incident drew criticism for exposing personal information of individuals rather than directly addressing institutional issues.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 15, 2016, the hacktivist group Anonymous, operating through its World Hacker Team subdivision, publicly leaked data allegedly stolen from Tanzania Telecommunications Company Limited (TTCL), a state-owned telecommunications provider. The attackers claimed to have exfiltrated information on approximately 64,000 employees, including full names, email addresses, telephone numbers, departmental affiliations, and job titles. Additionally, the dump contained credentials from TTCL's website user accounts, comprising usernames and password hashes. The breach was conducted under #OpAfrica, an Anonymous campaign initiated earlier that month to highlight child labor and government corruption across African nations. Initial analysis by cybersecurity journalists confirmed the data appeared authentic based on cross-referencing employee details, though the publication noted this attack followed a pattern of recent Anonymous operations against perceived vulnerable government-linked entities.
TTCL promptly denied the breach, asserting it employed only around 1,600 personnel rather than the claimed 64,000. Subsequent forensic examination by journalists revealed extensive duplicate entries in the leaked dataset, reducing the actual unique records to 2,287 individuals. Media outlets provided TTCL with direct links to the dumped data to facilitate internal investigation, though the company's initial statement maintained no server compromise occurred. The World Hacker Team issued a formal response regarding the incident through their affiliated platforms, though its contents weren't detailed in available reports. Public criticism of #OpAfrica intensified following this incident, with commentators arguing the exposure of civilian employee data created risks for innocent individuals without demonstrably advancing the campaign's stated anti-corruption objectives. The compromised user account credentials raised additional concerns about potential secondary attacks against TTCL's digital infrastructure or credential reuse by malicious actors.