Ctrl-Alt-Hack: Telecoms data hack
OPINION
What is your ID number? Postal address? Account number?
These are some of the questions your bank asks you to verify your identity whenever you call them with a query or request. Ironically, this is the same information that has been leaked in the recent Telecom Namibia breach. This means that criminals can impersonate Telecom customers, which is just a fraction of the potential threats customers now face.
The recent cyberattack on Telecom Namibia raises a number of questions for the ordinary person. Firstly, how does this affect me as a customer? How can I protect myself? And most importantly, what risks do I face if my personal information is exposed?
The short and simple answer is that if your data was part of the Telecom Namibia breach, it means that criminals could now know where you live, how much you earn, and which bank holds your money.
Laws delayed, justice denied
So far, there is no legislation for data protection in Namibia. For that reason, the country relies on Article 13 of the Namibian Constitution, which provides for the right to privacy, a fundamental human right. With the recent cyberattack on Telecom and the increasing cyberthreats, the right to privacy and protection of data is placed at a significant risk.
According to statistics shared by the government at the first Namibia International Cybersecurity Conference this year, on average Namibia recorded about 7 000 cyberattacks daily in 2022, all aimed at stealing data. Namibia’s cybersecurity landscape is still in its infancy, leaving critical systems exposed to potential exploitation. This immaturity limits the country’s ability to prevent, detect and respond effectively to cyber incidents. Namibia’s journey to governing cybercrime and attacks began nearly two decades ago with the Electronic Transactions and Cybercrime Bill of 2005.
Despite this early start, the country has been struggling for about 20 years to finalise laws aimed at protecting data and combat cybercrimes.
Similarly, the absence of legislation to govern data protection limits the country’s ability to effectively address cybercrime. So far the Data Protection Bill is still at the draft phase and is yet to be passed into law. While grappling with the challenges of establishing cyber laws and legislation to govern data protection, Namibia has been experiencing tragic cyberattacks, with the recent one being Telecom’s data breach, with an estimated 600 GB worth of data leaked, as claimed by the attackers.
Namibia’s cybersecurity strategy
In an effort to strengthen the country’s cybersecurity space, Namibia established the Namibia Computer Security Incident Response Team (NAM-CSIRT), which plays a critical role in managing cyber events and ensuring the security and stability of Critical Infrastructure (CI) and Critical Information Infrastructure (CII). NAM-CSIRT forms part of the broader Namibia National Cybersecurity Strategy & Awareness Raising Plan 2022–2027, which has been in effect since 2022.
This is the only framework currently in place to combat and address cybercrime. While this effort by the government is applaudable, it is evidently clear that Namibia desperately still needs a legal framework in place to ensure governance and protection of the national cyberspace and enforce compliance with data protection regulations.
The absence of these frameworks places Namibians in a position where they are unable to get legal recourse. Laws are fundamentally essential in society to maintain order, ensure justice and protection of the rights of individuals.
Error 404: The unseen consequences
The reality of thousands of clients' information being exposed on the internet, available for anyone around the world to use, is unsettling to say the least. Particularly when we have no control over who can use it and how.
For Telecom’s customers, the recent data breach represents a significant threat to personal security and privacy. The exposure of sensitive information carries a range of potential consequences.
So, what does this mean for you as a Telecom Namibia customer? The risks are numerous and concerning.
- Criminals using your personal information to impersonate you, open fraudulent accounts or even commit crimes in your name.
- Banking details in the wrong hands could lead to unauthorised withdrawals, purchases or other financial crimes that could drain your accounts.
- Personal information could be used to file fake tax returns and claim refunds.
- Hackers could gain access to your email, banking or social media accounts, locking you out and exploiting these platforms for their gain.
- Attackers could impersonate banks, service providers or Telecom Namibia itself, tricking customers into providing additional sensitive information or making payments.
- Public exposure of payslip details could lead to workplace and online discrimination, extortion attempts or harm to your reputation.
This breach not only puts your personal security in jeopardy but also tarnishes Telecom’s reputation. With this breach, the company has failed to protect your data, which will likely drive away customers and harm their trust in the company.
As a customer, it’s important to stay vigilant. Regularly monitor your bank accounts for unauthorised transactions, update your passwords and be cautious about unsolicited calls or messages asking for personal information.
Namibia is regarded as one of the most vulnerable countries in Africa to cybersecurity threats and incidents like the Telecom Namibia breach show the urgent need for the country to improve its digital security.
The internet isn’t going away – it’s becoming more integral to how we live and work. The question is whether Namibia will rise to meet the challenge or remain vulnerable in an increasingly digital world, because the next hack might not just cost you your data, it could be a threat to your future.
* Rejoice Amutenya and Rivaldo Kavanga are the co-founders of Active Youth Organisation Namibia.
These are some of the questions your bank asks you to verify your identity whenever you call them with a query or request. Ironically, this is the same information that has been leaked in the recent Telecom Namibia breach. This means that criminals can impersonate Telecom customers, which is just a fraction of the potential threats customers now face.
The recent cyberattack on Telecom Namibia raises a number of questions for the ordinary person. Firstly, how does this affect me as a customer? How can I protect myself? And most importantly, what risks do I face if my personal information is exposed?
The short and simple answer is that if your data was part of the Telecom Namibia breach, it means that criminals could now know where you live, how much you earn, and which bank holds your money.
Laws delayed, justice denied
So far, there is no legislation for data protection in Namibia. For that reason, the country relies on Article 13 of the Namibian Constitution, which provides for the right to privacy, a fundamental human right. With the recent cyberattack on Telecom and the increasing cyberthreats, the right to privacy and protection of data is placed at a significant risk.
According to statistics shared by the government at the first Namibia International Cybersecurity Conference this year, on average Namibia recorded about 7 000 cyberattacks daily in 2022, all aimed at stealing data. Namibia’s cybersecurity landscape is still in its infancy, leaving critical systems exposed to potential exploitation. This immaturity limits the country’s ability to prevent, detect and respond effectively to cyber incidents. Namibia’s journey to governing cybercrime and attacks began nearly two decades ago with the Electronic Transactions and Cybercrime Bill of 2005.
Despite this early start, the country has been struggling for about 20 years to finalise laws aimed at protecting data and combat cybercrimes.
Similarly, the absence of legislation to govern data protection limits the country’s ability to effectively address cybercrime. So far the Data Protection Bill is still at the draft phase and is yet to be passed into law. While grappling with the challenges of establishing cyber laws and legislation to govern data protection, Namibia has been experiencing tragic cyberattacks, with the recent one being Telecom’s data breach, with an estimated 600 GB worth of data leaked, as claimed by the attackers.
Namibia’s cybersecurity strategy
In an effort to strengthen the country’s cybersecurity space, Namibia established the Namibia Computer Security Incident Response Team (NAM-CSIRT), which plays a critical role in managing cyber events and ensuring the security and stability of Critical Infrastructure (CI) and Critical Information Infrastructure (CII). NAM-CSIRT forms part of the broader Namibia National Cybersecurity Strategy & Awareness Raising Plan 2022–2027, which has been in effect since 2022.
This is the only framework currently in place to combat and address cybercrime. While this effort by the government is applaudable, it is evidently clear that Namibia desperately still needs a legal framework in place to ensure governance and protection of the national cyberspace and enforce compliance with data protection regulations.
The absence of these frameworks places Namibians in a position where they are unable to get legal recourse. Laws are fundamentally essential in society to maintain order, ensure justice and protection of the rights of individuals.
Error 404: The unseen consequences
The reality of thousands of clients' information being exposed on the internet, available for anyone around the world to use, is unsettling to say the least. Particularly when we have no control over who can use it and how.
For Telecom’s customers, the recent data breach represents a significant threat to personal security and privacy. The exposure of sensitive information carries a range of potential consequences.
So, what does this mean for you as a Telecom Namibia customer? The risks are numerous and concerning.
- Criminals using your personal information to impersonate you, open fraudulent accounts or even commit crimes in your name.
- Banking details in the wrong hands could lead to unauthorised withdrawals, purchases or other financial crimes that could drain your accounts.
- Personal information could be used to file fake tax returns and claim refunds.
- Hackers could gain access to your email, banking or social media accounts, locking you out and exploiting these platforms for their gain.
- Attackers could impersonate banks, service providers or Telecom Namibia itself, tricking customers into providing additional sensitive information or making payments.
- Public exposure of payslip details could lead to workplace and online discrimination, extortion attempts or harm to your reputation.
This breach not only puts your personal security in jeopardy but also tarnishes Telecom’s reputation. With this breach, the company has failed to protect your data, which will likely drive away customers and harm their trust in the company.
As a customer, it’s important to stay vigilant. Regularly monitor your bank accounts for unauthorised transactions, update your passwords and be cautious about unsolicited calls or messages asking for personal information.
Namibia is regarded as one of the most vulnerable countries in Africa to cybersecurity threats and incidents like the Telecom Namibia breach show the urgent need for the country to improve its digital security.
The internet isn’t going away – it’s becoming more integral to how we live and work. The question is whether Namibia will rise to meet the challenge or remain vulnerable in an increasingly digital world, because the next hack might not just cost you your data, it could be a threat to your future.
* Rejoice Amutenya and Rivaldo Kavanga are the co-founders of Active Youth Organisation Namibia.
Comments
Namibian Sun
No comments have been left on this article