Stefanutti Stocks shuts down IT systems after cyber attack
JSE-listed Stefanutti Stocks has become the latest South African company to be hit by a cyber attack.
On its Web site, Stefanutti Stocks describes itself as “one of South Africa’s leading construction groups with over 12 000 employees and the capacity to deliver a range of projects of any scale to a multitude of clients in diverse markets”.
This morning, the construction group issued a statement to shareholders saying “in the early hours of 31 August 2020, it uncovered a cyber attack on its IT systems”.
According to the company, external IT forensic experts have been engaged to work with Stefanutti Stocks’ experts to investigate the incident.
As a result, it says, all IT systems have been shut down in order to remediate.
“This will cause a temporary disruption to certain central administrative functions. Notwithstanding this, site operations will continue unaffected,” it notes, adding that it will report the attack to the relevant enforcement agencies.
“Stefanutti Stocks reassures its stakeholders that it takes any threat to its IT systems extremely seriously and that the incident is being fully investigated.”
However, the company did not provide further details, saying “any material developments will be communicated”.
The Stefanutti Stocks attack comes on the back of several South African companies falling prey to cyber criminals of late.
Only last week, ITWeb reported that Lombard Insurance was working with the Information Regulator and South African authorities after suffering a data breach.
Lombard suffered the breach in July.
Before the Lombard incident, credit bureau Experian also experienced a breach of data which exposed some personal information of as many as 24 million South Africans and 793 749 business entities to a suspected fraudster.
Yesterday, Experian revealed it is investigating some of the data which has been exposed on the Internet.
Last month, financial services provider Momentum Metropolitan was also hit by a cyber attack.
The company said it became aware of a data breach on its network on 13 August and immediately activated its IT security incident plan, which included the implementation of additional systems monitoring and the reinforcement of its IT security.