A major ransomware attack has exposed the severe weaknesses in the Eastern Cape Department of Human Settlements’ cybersecurity systems. Reports tabled before the Portfolio Committee confirm that more than 20 GB of departmental data was compromised in an attack by the threat actor NightSpire.
The breach occurred on 9 November at 10:49, yet the Department did not realise it had been compromised until nearly two hours later. This delay raises serious questions about the Department’s monitoring capacity and overall system readiness.
This incident places thousands of housing beneficiaries at risk. The potential exposure of personal records threatens the accuracy of the Housing Needs Register and the privacy of vulnerable families who depend on the Department for safe and fair allocation processes. It also deepens public mistrust in the integrity of beneficiary lists, which have already been the subject of repeated disputes in communities across the province.
While the Department has not yet confirmed what categories of data were compromised, the breach highlights how exposed critical systems have become due to years of underinvestment in ICT.
The breach follows a similar incident in June when the Ingonyama Trust fell victim to a ransomware attempt by the same threat actor. NightSpire claimed to have extracted 30 GB of information from the Trust and published details on the dark web. Although precautionary measures reduced the potential impact, the event highlighted the growing vulnerability of public sector institutions to coordinated cyber threats.
The Democratic Alliance has repeatedly warned that the Department’s ICT directorate is understaffed and underfunded. Stronger investment in cybersecurity and oversight has long been overdue, especially in protecting beneficiary eligibility. Continued neglect has now created an environment in which attacks of this nature are all but inevitable.
The DA therefore urges MEC for Human Settlements, Siphokazi Lusithi, to provide an immediate and comprehensive briefing to the Portfolio Committee. This must include the nature and scale of the attack, the extent of compromised data, and the steps taken since the breach was detected. There must also be a full independent investigation to confirm how the intrusion occurred and whether adequate safeguards were in place.
The Department must move with urgency to implement emergency cybersecurity upgrades across all systems. These upgrades must enhance intrusion detection and ensure real-time monitoring capacity to prevent future breaches.
Every beneficiary whose information has been entrusted to the state deserves confidence that their identity and personal details are safe.
The people of the Eastern Cape deserve leadership that protects their privacy, secures essential public services, and delivers a future built on dignity, opportunity, and honest government.