BGFI Bank denies cyberattack
CybAfriqué is a weekly newsletter covering news and analysis on cyber, data, and information security on the African continent.
BGFI Bank denies cyberattack
The BGFI Banking Group has refuted all claims of a breach. “After internal checks and investigations in collaboration with our Group's IT security teams, we would like, through this press release, to reassure all of our stakeholders - subsidiaries, employees, shareholders, suppliers, customers, partners, etc. - that these allegations , moreover malicious – remain totally unfounded and defamatory. The security of our systems is a fundamental pillar of our development policy and in the service that we want to offer to all of our customers,” wrote the Banking Group’s communications team last week Monday.
Last week, ethical hackers revealed that ransomware and data extortion group BianLian had obtained up to 256GB of sensitive data consisting of financial files, credit reports, and staff and board data, all of which BianLian was requesting a ransom of 55 BTCs ($167,000) in order to not release it to the general public.
Now that BGFI is denying a breach, the question is where did the data come from? Recently, consequential to how harder it is to hide attacks, African financial institutions have grown the habit of denying breaches in the face of glaring proof. In April, BOA Mali had also denied a breach despite the presence of data online. Nigerian Unicorn fintech, Flutterwave, had also denied multiple hacks despites court files portraying a different story. Last year, Nigeria’s Medical Insurance Scheme, PLASCHEMA, was accused of jeopardizing the data of thousands of users by using unsecured data buckets, but guess what they also did? yes, deny.
Delay isn’t denial, just as denial isn’t prevention.
Features
Since March, following a disagreement with the country’s orthodox church, Ethiopia has banned the use of most social media apps, including Facebook, TikTok, Telegram and YouTube. Four months in, there’s yet any concrete sign of this ban being removed, even as businesses, influencers, information stakeholders, and rights organizations are finding it harder to get by without these channels. VOA news delves into the intricacies of this issue.
The conflict in Sudan is still as pressing as ever, but here’s how satellites are making it harder for war criminals to hide, by The Record.
AI language models are being used in social media moderation, especially in African countries where moderation has been an issue for most platforms. But AI does not understand the context of indigenous African languages. Here’s how hate is lost in translation, by Rest of World.
Nigerian Jihadists are finding propaganda haven on Telegram, here’s how - by HumAngle.
I also enjoyed this report by KnowBe4 on phishing in Africa.
Headlines
Despite new rules, Nigerian banks aren’t asking customers for social media handles yet. - TechCabal
Risk and compliance consultancy firm Digital Jewels is expanding to Kenya. - TechArena
Third Nigerian pleads guilty in BEC scams dating back nearly a decade. - The Record
South Africa’s cyber deal with France hints at crackdown on computer criminals. The Africa Report
Nigeria’s data protection authority says it’s investigating top banks for alleged data breach. - Nairametrics
Post Note
I’m looking forward to meeting and discussing with cyber and info sec people in Africa. What is the (cyber and info sec) atmosphere like where you are? What are the craziest breaches, craziest defence too. Projects to watch out for, stuff like that. If you’re up to do a short chat or invite me to an invite to an event or stuff like that, reach out via olaigbeolatunji(at)gmail(dot)com
Share, subscribe, and see you next Tuesday.