Five Major Cybersecurity Breaches in Africa: July–August 2025

Cybersecurity threats are rising fast across Africa. The last two months saw high-impact breaches affecting governments, utilities, and businesses. These incidents highlight vulnerabilities in critical systems and the urgent need for stronger defenses.

South Africa’s National Treasury Malware Incident (July 24, 2025)

On July 24, South Africa’s National Treasury reported malware infections on its network. Early reports linked the breach to the global SharePoint exploit. Systems were taken offline and isolated for containment. Patching and forensics followed. This breach shows how African governments face the same global threats targeting financial systems worldwide.

Ingonyama Trust Ransomware Attack in South Africa (August 29, 2025)

In late August, the Ingonyama Trust, a key land management body in South Africa, was hit by a ransomware group known as NightSpire. Attackers claimed to have stolen 30GB of sensitive data. The compromise of an institution managing land ownership underscores the risks facing state entities with valuable records.

Nigeria Customs Service Platform Breached (August 14–15, 2025)

The Nigeria Customs Service faced a severe cyberattack in mid-August. Its ICT platform, known as “B’Odogwu,” was crippled for two days. Cargo clearance stopped across several ports, leaving goods stranded and businesses paying heavy demurrage fees. The attack exposed how disruptions in customs systems directly affect trade, revenue, and supply chains.

Uganda’s Electricity Transmission Breach by Qilin (August 18–19, 2025)

The Uganda Electricity Transmission Company Limited was listed as a victim by the Qilin ransomware group in August. Hackers posted proof of access and leaked documents on the dark web. The incident raises major concerns about operational technology systems in Africa’s power sector, where downtime can disrupt millions of people.

Egyptian Electricity Holding Company Targeted (July 15, 2025)

In July, the Egyptian Electricity Holding Company suffered a ransomware attack claimed by the Devman gang. The attackers demanded a ransom while threatening to leak sensitive data. Energy utilities are becoming top targets for cybercriminals, and this incident confirms that North Africa is firmly within the scope of global cyber campaigns.

What These Incidents Show

• African governments and corporations are prime targets for ransomware groups.

• Critical infrastructure—including energy and trade systems—faces growing risk.

• Supply-chain delays and public service disruption show the real-world impact of cybercrime.

How OSRS Can Help

At OGUN Security Research and Strategic Consulting (OSRS), we help organizations prepare, defend, and respond.

• Training & Certification Programs to upskill staff.

• Strategic Intelligence & Security Research to track threats in Africa and beyond.

• Digital & Cyber Investigations to uncover attack vectors.

• Corporate & Financial Investigations to secure trade and revenue.

• Cybersecurity Consulting & Advisory to harden defenses across sectors.

The breaches in July and August 2025 prove that Africa is now on the frontline of global cybercrime. Critical systems are attractive targets, and downtime can cost millions. With expert support from OSRS, organizations can build resilience, protect sensitive data, and keep essential services running.

---------------------

About the Author

Dr. Oludare Ogunlana is a cybersecurity professor and founder of OGUN Security Research and Strategic Consulting (OSRS). With deep expertise in cyber defense, investigations, and intelligence, he helps organizations build resilience against global digital threats.