Senegal confirms breach of national ID card department after ransomware claims

A cybersecurity incident affecting the government of Senegal has forced the closure of an office tasked with managing sensitive information, including national ID cards, passports and other biometric data.

The Directorate of File Automation (DAF) sent out a notice last week warning the country’s 19.5 million residents that a cyberattack had forced the government to temporarily suspend the office’s operations. 

A senior police official said they are trying to restore systems and claimed the “integrity” of citizens’ personal data “remains intact.” DAF did not respond to requests for comment. 

The notice followed claims by a ransomware gang calling itself Green Blood Group that it had breached the organization and stolen 139 GB of data, including citizen database records, biometric data, and immigration documents.

The hackers shared samples of the stolen data and an email from Quik Saw Choo, a senior general manager at the IRIS Corporation Berhad — a Malaysian company recently tasked with creating Senegal’s new digital identification cards. 

In the email, dated January 20, Choo warned Senegalese officials at DAF and other ministries that hackers breached two DAF servers on January 19 and stole card personalization data on one of them. Choo’s office took several actions on their end, including cutting off network connections to one server and changing the password on the other. They also shut off all network connections to foreign missions and other offices.

Choo said IRIS was working with Malaysian cybersecurity experts and wanted to arrange a trip to Senegal’s capital Dakar on January 22 so that further investigations and “corrective measures” could be taken. 

The DAF and IRIS did not respond to requests for comment. 

A local news outlet reported that as of February 5 the DAF had been disrupted for at least five days and noted that Senegal and IRIS have been in the midst of a dispute over payments. The DAF website is still down as of Monday afternoon. 

The Green Blood Group emerged in January and claimed to have breached four other victims alongside DAF. 

Sophisticated hackers have long targeted government ID databases, with countries like Argentina and Estonia dealing with similar security incidents.


Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 
