The department now plans to investigate the matter further.
“We are grateful for the opportunities the challenge has been able to activate, as it has created alertness from the department and its entity to the need to have regular updates of our systems,” Tolashe said.
Cyber specialist Stanley Matshothe has noticed a rise in platforms that claim to process Sassa information and provide updates for beneficiaries. There are also sites that mimic the SRD grant site, collecting user data (such as ID numbers and phone numbers) and potentially gaining access to Sassa updates.
These websites, which are not associated with Sassa, could lead to unauthorised access to clients' Sassa accounts, resulting in identity theft and financial fraud. Fraudsters can also use the stolen data to redirect payments or apply for grants in the name of unsuspecting clients. This can lead to disruptions in grant applications, delayed payments, and panic due to misleading communications, parliament was told.
Just a month ago, weather service SAWS, under the department of environmental affairs and tourism, was attacked by hackers, causing the system to go down.
TimesLIVE
LISTEN | Sassa admits security risk in R33.6bn system after first-year students expose flaws
Sassa has acknowledged that its system poses a security risk, after a wake-up call from first-year students at Stellenbosch University who alerted them to fraudulent activities and vulnerabilities in the system.
Social development minister Sisisi Tolashe told a parliamentary meeting that Sassa had appointed its own task team to assess the vulnerability of its system — particularly the SRD system — which confirmed the system was not watertight, after Joel Cedars and Veer Gosai studying computer science at Stellenbosch University raised alarm in November.
Sassa injected R266bn for the payment of 28-million social grants for the current financial year, with R33.6bn allocated for the Social Relief of Distress (SRD) grant.
SRD grants help jobless South Africans between 18 and 59.
“This is not acceptable, as a result we commit that we will ensure and safeguard our system and also achieve our motto of paying the right grant to the right person every time,” Tolashe said on Wednesday.
Listen to the minister:
The department now plans to investigate the matter further.
“We are grateful for the opportunities the challenge has been able to activate, as it has created alertness from the department and its entity to the need to have regular updates of our systems,” Tolashe said.
Cyber specialist Stanley Matshothe has noticed a rise in platforms that claim to process Sassa information and provide updates for beneficiaries. There are also sites that mimic the SRD grant site, collecting user data (such as ID numbers and phone numbers) and potentially gaining access to Sassa updates.
These websites, which are not associated with Sassa, could lead to unauthorised access to clients' Sassa accounts, resulting in identity theft and financial fraud. Fraudsters can also use the stolen data to redirect payments or apply for grants in the name of unsuspecting clients. This can lead to disruptions in grant applications, delayed payments, and panic due to misleading communications, parliament was told.
Just a month ago, weather service SAWS, under the department of environmental affairs and tourism, was attacked by hackers, causing the system to go down.
TimesLIVE
READ MORE: