Microsoft Hack Rocks South African Government, Businesses & Universities
A widespread cyberattack exploiting a vulnerability in Microsoft’s software has struck South Africa, hitting the National Treasury, a major car manufacturer, a university, and several local government offices. The breach, first detected by Dutch cybersecurity firm Eye Security, has affected hundreds of organizations globally, with the U.S., Mauritius, Jordan, and the Netherlands also among countries most impacted.
The hackers targeted Microsoft’s SharePoint, a widely used platform for document collaboration, specifically going after organisations that host their own servers rather than using Microsoft’s cloud services. This allowed them to infiltrate systems, plant malware, and potentially access sensitive data. While the National Treasury confirmed malware was found on its network, it assured the public that operations remain unaffected. Still, the incident raises serious concerns about cybersecurity readiness in both the public and private sectors.
Cyberattacks of this nature can lead to stolen personal data, financial fraud, and even disruptions in essential services. South Africa has faced similar threats before, including the 2021 Transnet port cyberattack, which brought shipping operations to a standstill for days, and the Department of Justice breach, where sensitive legal documents were leaked.
Microsoft has acknowledged the attacks but has yet to provide detailed comments. The company typically releases patches to fix such vulnerabilities, but organisations that delay updates remain at risk. Eye Security has alerted South Africa’s Computer Security Incident Response Team (CSIRT), though the full extent of the damage is still unclear.
As cybercriminals increasingly target governments and critical industries, experts are urging immediate software updates, stronger security measures like multi-factor authentication, and greater transparency from affected organizations to prevent further harm. For now, South African citizens and businesses are advised to stay vigilant for phishing scams or unusual activity, particularly on government and university platforms. With the country among the top five affected by this breach, the repercussions could unfold in the weeks ahead.
Authorities have not yet confirmed whether any data was stolen, but past incidents suggest that delays in response could lead to further exploitation. The Reserve Bank has stated that its systems were not compromised, offering some reassurance, but the broader implications for South Africa’s cybersecurity infrastructure remain a pressing concern.
Feature Image Credits: Bloomberg
