A list of cyber security breaches in Uganda and the lessons we can learn from them

In the past few years, the Ugandan technology landscape has been marred by a number of cyber security breaches. These breaches have not only resulted in financial losses for the affected organizations but have also eroded trust among users and customers. In this post, we will take a look at some of the most notable cyber security breaches in Uganda and the lessons we can learn from them.

n Uganda, telecommunication companies have embraced digital transformation that has significantly improved their business performance. The transformation has supported decision-making at the different levels of management and increased financial inclusion in the country. With Uganda’s economy growing at approximately 6% per annum, the telecom sector is growing at 17.4% per year, providing one of the best gross revenue turnovers in the country. The total telecom subscribers increased by 157% over the last 10 years, from 10 million in 2009 to 25.7 million in 2019. The internet penetration increased by approximately 15 million, which represents 165% growth (UCC, 2019)

The rapid growth of internet usage and digital services in Uganda has unfortunately been accompanied by a rise in cyber security breaches.

In this article, we will explore a list of cyber security breaches and their origins in Uganda, as well as the lessons we can learn from them to improve our cyber security practices.

1. Uganda Security Exchange Breach (2019) In 2019, the Uganda Security Exchange (USE) experienced a cyber attack that resulted in the theft of user data

The investigation by the Personal Data Protection Office confirmed that Uganda Securities Exchange had experienced a personal data security breach. After reviewing the documents shared and interviewing representatives from USE and Soft Edge Uganda Limited, it was determined that the breach occurred on the infrastructure of Soft Edge Limited due to an incorrectly configured firewall on the audit logging server created to track all actions during an upgrade of USE’s Know Your Customer (KYC) system. This created an open port, from which personal data was exposed for a period of about twelve (12) days. This information was accessed by persons who were ordinarily not authorised to access the personal data. The accessed information included National Identification Numbers (NINs), names, dates of birth, email addresses, physical addresses, and telephone numbers of individuals that present information from which an individual can be identified. Therefore, the investigation confirmed that USE suffered a data security breach. It was established that the information that was accessed by an authorised person included personal data of USE’s data subjects that Soft Edge Uganda Limited had accessed on account of its contractual relationship with USE as a technology partner.

Major causes of the breach included:

• Incorrectly configured firewall on the audit logging server
• Open port that exposed personal data for about twelve days
• Lack of proper monitoring and security measures to detect the breach in a timely manner

Lessons learned:

• Regularly review and update firewall configurations to ensure they are secure
• Implement proper monitoring and security measures to detect breaches in a timely manner
• Ensure that third-party technology partners have robust security measures in place to protect user Data

2. Uganda Revenue Authority (URA) Data Breach (2020)