SA Government Caught in SharePoint Hack Storm

Cyberattack on Planning Department raises big questions about public sector cybersecurity

South Africa’s digital defenses have once again been tested and breached. This time, it’s the Department of Planning, Monitoring and Evaluation (DPME) that’s landed in the cyber hot seat after hackers exploited a flaw in Microsoft SharePoint to infiltrate government systems.

The DPME confirmed it was among the global victims of a sophisticated hacking campaign targeting organizations running SharePoint on their own servers. While they’ve scrambled to apply patches and isolate the damage, the incident has reignited debates about how vulnerable South Africa’s state institutions are in the digital age.

An Old Platform with New Threats

Microsoft SharePoint has long been the go-to for document collaboration in South African offices, both public and private. But running the software on internal servers, as many local entities do for tighter control, ironically left them exposed to a now-public vulnerability.

Microsoft had warned earlier this month that hackers were zeroing in on self-hosted SharePoint setups and it didn’t take long for cybercriminals to pounce. According to Dutch cybersecurity firm Eye Security, attackers have already breached nearly 400 organizations globally. South Africa is among the top five most affected countries, behind the US, Mauritius, Jordan and the Netherlands.

Limpopo’s Premier’s Office: Another Silent Victim?

Cybersecurity researcher Gregory Boddin was the first to raise the red flag on the South African breach, also hinting that the Limpopo Premier’s Office may have been compromised. While the office has not confirmed or denied the incident, the silence has only deepened public suspicion and concern.

If true, it would mark yet another high-level institution targeted in what appears to be a wide-reaching, coordinated cyber assault.

How Did We Get Here?

This isn’t South Africa’s first brush with digital trouble. Over the years, there have been repeated alerts about outdated government IT systems and a lack of coordinated national cybersecurity strategies. A 2023 report from the Auditor-General flagged weak cyber controls across multiple departments, concerns that seem prophetic now.

And it’s not just SA. Nearby Mauritius also reported breaches of its own SharePoint-powered systems. With attackers sweeping across Africa and beyond, there’s clearly a larger play at work.

Public Concern, But Little Transparency

Reactions on social media have been sharp and swift. “We trust the government with our personal data, but they can’t even protect their own?” one Twitter user asked. Another joked, “Maybe the hackers will do a better job of monitoring and evaluation.”

But beyond the memes, there’s a growing frustration with what many see as a culture of reactive rather than proactive cybersecurity. South Africans are demanding more than just post-breach patches, they want accountability, transparency, and investment in cyber resilience.

For now, the DPME insists it’s taking corrective action. But this breach is a wake-up call. As more government services digitize, from home affairs to health records, the stakes are higher than ever.

If South Africa wants to avoid becoming a recurring target in the global cyber warfare arena, it’ll need more than patches and PR responses. It needs a national cybersecurity overhaul. And it needs it now.

This wasn’t just a digital breach. It was a breach of public trust. And unless South Africa’s government steps up its cybersecurity game, it won’t be the last.

{Source: BusinessTech}

Follow Joburg ETC on Facebook, Twitter , TikTok and Instagram

For more News in Johannesburg, visit joburgetc.com