Kenyans React as NSSF Suffers Midnight Ransomware Attack
- The National Social Security Fund offers social security to workers in both the formal and informal sectors of the economy
- The body was established in 1965 through an Act of Parliament, Cap 258 of the Laws of Kenya
- However, the fund has suffered a ransomware attack, with hackers threatening to have gained access to its critical data, a move that has seen members go into panic
Bonface Kanyamwaya, a journalist at TUKO.co.ke, has more than 10 years of financial, economic, business, markets, and aviation expertise, providing insights into Kenya and global trends.
The National Social Security Fund (NSSF) on Tuesday, March 20, suffered a ransomware attack, exposing members' contributions that stood at KSh 59 billion as of June 2024 at risk.
Source: Twitter
The attack, which happened for barely a few hours, saw the hackers demand KSh 580 million, adding that if the money was not given to them, then they were going to release the data to the dark web.
The group, identified as "Devman," came out on social media last night claiming they were responsible for the attack.
They claimed they got hold of 2.5 terabytes of sensitive information from the fund's database.
“All devices locked. 2.5TB of data stolen. The victim has 24 hours to contact us before the name is revealed. Info on /nssf.html," said the hackers on their social media page.
But their act did not please a majority of Kenyans, some of whom are members of the National Social Security Fund.
How did Kenya react to NSSF hacking?
Kimani Wa Njenga
"What's left of value at NSSF to be 'stolen anyway?'"
Peter K
"Is it true our savings are being used to build roads as per Nyoro allegations?"
Chris Ogolla
"Do you have cyber insurance?"
Jackson Onduto
"Provided my money is safe you can continue with the monkey business."
Davis Opannda
"What was Nyoro telling people?"
In as much as the attacks happened, NSSF, in a separate statement released on Tuesday, May 20 assured Kenyans that their savings were safe.
"We wish to assure our members that the core system, which stores member data and financial transactions, remains secure and safe, based on the findings of our ongoing investigations. There is no evidence that any personal or financial member data has been compromised or extracted," said NSSF in a statement which was seen by TUKO.co.ke.
NSSF contributions hit KSh 59.14 billion
The attack on NSSF data is happening at a time when NSSF more than doubled contributions to KSh 59.14 billion in the financial year ending June 2024.
The high increase in contribution was realised as a result of higher rates that came into effect in early 2023.
The 132% increase in membership contribution was from a low of KSh 26.867 billion that Kenyan workers paid NSSF as savings for their retirements.
The fund increased monthly contributions for salaried Kenyans in February 2023 to KSh 1,080 per month, which is matched by the employer, to reach KSh 2,160 in the first phase of implementing the NSSF 2013 Act.
This was up from the previous contribution of KSh 200 that employees previously paid, which was also topped up by employers.
Source: Twitter
What did Ndindi Nyoro say about NSSF?
Meanwhile, Kiharu MP Ndindi Nyoro and President William Ruto seem not to be reading from the same script anymore.
The firebrand legislator lately been a chief critic of Ruto's style of leadership, critising all the wrong doings in his government.
Nyoro, in a recent statement, cautioned against the investing of workers' pensions after criticising the president in the manner he has managed the public debt.
Proofreading by Asher Omondi, copy editor at TUKO.co.ke.
Source: TUKO.co.ke
