Development Bank of Southern Africa suffers ransomware

Development Bank of Southern Africa (DBSA) experienced a ransomware attack, which resulted in the potential access or acquisition of its employees' personal information by unauthorized individuals.

The DBSA conducted preliminary investigations and indicated that the attack was believed to be carried out by the ransomware group known as Akira, although the investigation is still ongoing.

The attack, which occurred around May 21, involved the encryption of various servers, log files, and documents by Akira, who threatened to release the information on the dark web unless their monetary demands were met.

The DBSA has determined that certain categories of employee personal information may have been accessed or acquired by the threat actor, with the compromised data possibly limited to employees' names and surnames.

The bank's investigation is ongoing to ascertain the full extent of the data breach, and a forensic investigator has been appointed to assist in assessing the incident's scope. Additionally, the DBSA is actively searching the dark web to check if the information has been published and has revoked third-party access to its information systems to prevent further unauthorized access.