By Staff Reporter
WINDHOEK, December 17 — Namibia’s state-owned telecom provider, Telecom Namibia, confirmed on Monday that customer data was leaked on the dark web following a ransomware attack. The company attributed the breach to a cybercriminal group known as Hunters International. According to Telecom Namibia’s CEO, Stanley Shanapinda, the hackers published the stolen data after the company refused to negotiate a ransom.
“We don’t negotiate with cyber terrorists,” Shanapinda stated in an interview with local media. “The sums they demand are exorbitant and unaffordable. There is no guarantee that paying a ransom would prevent the data from being leaked anyway.”
While Telecom Namibia did not disclose specific details about the stolen data, local media reports suggest that the hackers accessed over 400,000 files. These reportedly include personal and financial data from some high-ranking government officials and Telecom Namibia’s clients.
In a public statement, the company assured customers that it is analyzing the leaked data and collaborating with law enforcement to mitigate further exposure and risks. However, some of the compromised data has already begun circulating on social media. Telecom Namibia has warned the public that sharing or using this information for malicious purposes is a criminal offence.
Hunters International, the group behind the attack, operates a ransomware-as-a-service model. Emerging in October 2023, the group has been linked to attacks on various industries, including healthcare, automotive, manufacturing, logistics, finance, education, and food. While some cybersecurity analysts believe Hunters International is a rebranded version of the infamous Hive ransomware group dismantled by the FBI in January 2023, the group denies these allegations. It claims to be a new entity that purchased the encryptor source code from Hive developers.
The breach has drawn significant attention from Namibian authorities. President Nangolo Mbumba, through his spokesperson Alfredo Hengari, emphasized the importance of cybersecurity as a component of national security. “Any threat to our security infrastructure, including cyberattacks, is dealt with the urgency it deserves,” Hengari stated.
There are unverified reports that confidential information from the Office of the President was included in the leaked data. Namibian security experts note that affected customers currently have limited legal recourse since the country’s Data Protection Act, which could enforce penalties for such breaches, has not yet been implemented. In some cases, however, individuals may be able to seek damages for negligence in data protection.
Adding to the alarm, another threat actor has reportedly targeted Namibia’s Ministry of Health and Social Services, compromising pharmaceutical data. These claims have not been officially confirmed.
Telecom Namibia’s data breach underscores the growing threat of cyberattacks in Namibia and highlights the urgent need for robust cybersecurity measures and legislative frameworks to safeguard sensitive information.
