PPS works to restore full functionality after cyber attack

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 25 Mar 2021

The Professional Provident Society (PPS) is still working to restore full functionality of its IT systems, following what it described as a “malicious” cyber attack on its systems.

Two weeks ago, PPS informed members that its IT systems suffered a cyber attack on 9 March, further revealing that an independent forensic investigation was being conducted, with IT experts focused on restoring full functionality.

Despite this, some members have expressed disappointment that several PPS online systems are still unavailable.

Responding to ITWeb on the status of its systems, the insurance and investment firm says it is continuing with its forensic investigations, adding it is now working towards returning full functionality to members as quickly as possible.

“We have implemented a thorough recovery process to ensure every precaution is taken to maintain the integrity of our operating system.

“Full functionality is gradually being reinstated with robust testing to ensure the sustainable return to normal IT operations.

“Many of our core systems continue to operate normally. We are making daily progress with restoring the systems that were impacted. Alternative systems have been in place to handle affected member requirements, albeit with some delays from our usual levels of service,” it says.

While the forensic investigation is still ongoing, PPS says it currently shows no evidence that any data has been compromised. “All investments remain safe and their integrity is protected.”

The PPS attack occurred amid a rapidly growing cyber attack environment, with several South African organisations falling prey to cyber criminals in recent months.

Last August, financial services provider Momentum Metropolitan revealed it was hit by a cyber attack; meanwhile, Lombard Insurance suffered a data breach in July 2020.

Before the Lombard incident, credit bureau Experian experienced a breach of data, which exposed some personal information of as many as 24 million South Africans and 793 749 business entities to a suspected fraudster.

In June 2020, Life Healthcare Group, the second largest private hospital operator in SA, indicated it was a victim of a cyber attack, in the midst of the COVID-19 outbreak.

PPS stresses that the security of its systems and members’ data is the foremost priority. “While cyber attacks usually cannot be predicted, PPS’s security systems quickly identified this incident. Our expert advisors have told us there has been a significant increase in cyber attacks during the COVID pandemic all over the world. We constantly invest in our technology platforms and security systems, as sophisticated attacks continue to evolve.

“PPS apologises for the inconvenience suffered by our members, intermediaries and other stakeholders during this trying time and we appreciate their loyalty to us,” it concludes.