The Telecom Namibia cyberattack is more than a localized issue; it is a symptom of the broader challenges faced by nations undergoing rapid digital transformation without commensurate investment in cybersecurity. Addressing these challenges will require a coordinated effort involving government, businesses, and international partners to build a resilient and secure digital ecosystem.

Telecom Namibia has suffered a major cyberattack, leading to the leak of customer files, including sensitive personal data such as identification details, addresses, and banking information. The breach, discovered on December 13, 2024, by the telecommunications provider has sparked significant concerns about cybersecurity in Namibia.

The company addressed the incident in a release dated December 16, saying “On 13 December 2024, we discovered that some customers' data had been leaked on the dark web. Our investigation team and cybersecurity experts are diligently analyzing the data and keeping all stakeholders updated.”

The threat was contained three weeks ago, preventing further attacks on the operator's systems and third parties. However, the stolen data was leaked on the dark web on December 13, 2024, after the company refused to pay any ransom. The operator further revealed that it is working with law enforcement and cybersecurity experts to minimize risks to its customers and bring the perpetrators to justice.

The breach was orchestrated by a ransomware group, Hunters International, a notorious cybercriminal organization. The attackers reportedly exfiltrated approximately 626.3GB of data, before threatening to release the stolen information unless their ransom demands were met. When the ransom deadline passed, portions of the sensitive data were leaked on social media, raising fears of further exploitation, such as phishing scams and identity theft.

In 2024, Namibia saw a sharp rise in cyberattacks, mirroring a growing trend across the broader African continent. According to the Communications Regulatory Authority of Namibia (CRAN), in its Namibian Cybersecurity Landscape Report released in October 2024, over 1.18 million cyber incidents were recorded between January and September, including two ransomware attacks in April and May.

This incident underscores the risks to businesses and consumers, as leaked information can fuel phishing schemes and cybercrimes. It highlights the need for stronger cybersecurity measures and accelerated cybercrime legislation in Namibia. The breach has renewed calls for coordinated efforts to safeguard national infrastructure.

Hikmatu Bilali

Editing by Sèna de Sodji