• Home
  • /
  • Malware
  • /
  • Cyber criminals hack SA’s Legal Practitioners Fidelity Fund

Cyber criminals hack SA’s Legal Practitioners Fidelity Fund

Admire Moyo
By Admire Moyo, ITWeb's news editor.
Johannesburg, 26 Jun 2024
The LPFF case comes amid an uptick in cyber attacks targeting South African organisations.
The LPFF case comes amid an uptick in cyber attacks targeting South African organisations.

The Legal Practitioners Fidelity Fund (LPFF) is the latest South African organisation to be hacked, as the country increasingly becomes a hotbed of cyber crime.

Yesterday, Motlatsi Molefe, CEO of the Legal Practitioners Fidelity Fund, sent an urgent notice to stakeholders informing them of the cyber incident at the organisation.

The primary purpose of the LPFF is to reimburse clients of legal practitioners who may suffer pecuniary loss due to the theft of money or property entrusted to an attorney in the course of his/her practice, or where an attorney acts as executor or administrator in a deceased estate, or as a trustee in an insolvent estate.

“We are writing to inform you of a recent cyber security incident that has impacted some of our systems,” says Molefe.

“In our commitment to transparency and maintaining your trust, we want to provide you with information regarding the incident, its potential implications, and the steps we are taking to address it.”

According to Molefe, on Thursday, 20 June 2024, the LPFF’s IT security team detected unauthorised access to some of its systems.

“Preliminary investigations suggest an entity with administrative rights successfully breached our security protocols and accessed certain sensitive data. This breach has affected systems operated by both the Legal Practitioners Fidelity Fund and the Legal Practitioners Indemnity Insurance Fund (LPIIF),” he adds.

The LPIIF provides a primary layer of professional indemnity insurance to all attorneys in South Africa. It is a non-profit, short-term insurance company, licensed in terms of the Short-Term Insurance Act and regulated by the Financial Sector Conduct Authority.

“Upon discovery of the breach, we promptly initiated several critical measures. We have engaged a leading cyber security firm to conduct a comprehensive investigation and have strengthened our security infrastructure to prevent future breaches,” says Molefe.

“Additionally, we have notified relevant regulatory authorities and law enforcement, and are complying with all legal obligations.”

Under South Africa’s data privacy law, the Protection of Personal Information Act (POPIA), organisations that suffer data breaches must report the incidents to the Information Regulator.

“To safeguard your information, we advise taking the following precautions: vigilantly monitor your accounts for any unusual or suspicious activity, change your passwords and activate two-factor authentication where available, and exercise caution when responding to unsolicited requests for personal information,” Molefe adds.

“We understand the severity of this incident and the importance of the trust you place in us. Our commitments to you are providing timely updates on our progress, offering support to help you protect your information and implementing advanced security measures to enhance the protection of our systems. Please note there will be downtime on some systems, and we ask that you bear with us.”

The LPFF case comes as cyber attacks targeting South African organisations have increased. A recent report by cyber security firm Surfshark ranked South Africa fifth on a global cyber crime density list.

During ITWeb Security Summit 2024, the office of the Information Regulator, which enforces POPIA, said it had seen an increase in the number of data breaches reported by local firms.

In the 2022 financial year (February 2023), the Information Regulator received 500 notifications of data breaches or security incidents. In the 2023 financial year (February 2024), the number spiked to over 1 700 reported security compromises – more than triple the amount.

The LPFF had not responded to ITWeb’s specific questions on the number of data subjects impacted by the breach at the time of publication.