Your information could be at risk – What to know

1 Views

A comprehensive investigation into the South African Social Security Agency’s (SASSA) SRD grant online system has highlighted alarming security risks, reported The Citizen on 27 November 2024.

The probe was commissioned by the Department of Social Development. It showed that the information of SRD grant beneficiaries is at risk of cyber attacks. The agency’s decision to investigate came after claims by two University of Stellenbosch students in October 2024. Joel Cedras and Veer Gosai briefed the Social Development Committee on their findings. They alleged there were vulnerabilities in SASSA’s payment system.

WHAT DID THE SASSA INVESTIGATION REVEAL ON SRD GRANTS?

The SASSA investigation will be completed in 30 days. It found that there’s no encryption for sensitive data in their online system. This means information such as banking details, IDs and permits belonging to SRD grant beneficiaries could be at risk. The firm hired to check the system is Masegare & Associates Incorporated. They spotted security gaps that could lead to cyber attacks.

SOME OF THE RISKS AND GAPS IDENTIFIED IN SRD GRANTS

  • Single cell phone number used by multiple applicants
  • Non-verification of identity
  • Biometric verification only done in cases where fraud is suspected
  • Lack of data encryption
  • OTP verification might be done by different individuals not owners of registered ID numbers
  • Lack of regular penetration testing and security audits

DA CALLS FOR SIU TO INVESTIGATE SASSA FRAUD

The Democratic Alliance (DA) has since reacted to these findings. They have forwarded a request in writing to President Cyril Ramaphosa. They called for the Special Investigation Unit (SIU) to investigate fraud at SASSA. The party said:

“An independent SIU investigation will bring transparency, restore public confidence, and mend the reputation of the social assistance framework which is at the very heart of the social contract bringing dignity to millions of South Africans.”

The DA also noted that “while this internal investigation focused on the SRD grant system it does not exclude the likelihood of other vulnerabilities” of other social grants provided by SASSA. They also said they had received complaints from the public regarding SRD grant fraud.

“Since inviting the public to share their experiences regarding allegations of fraud within the SRD R370 grant, the DA has received over 258 emails from South Africans nationwide detailing their experience of being locked out of social grants despite being eligible.”

RESPONSE FROM SASSA

The Minister of Social Development, Sisisi Tolashe, has responded to the findings. She said they confirmed what the university students had revealed, according to Eyewitness News. Tolashe further expressed:

“What they’ve been going through is in fact, is a fact, wherein sometimes you apply and your ID has been used elsewhere, where sometimes your apply and your cell number has been used elsewhere.”

WHAT ARE YOUR VIEWS ON THE FINDINGS FROM THIS INVESTIGATION ON SRD GRANTS?

Let us know by clicking on the comment tab below this article or by emailing info@thesouthafrican.com or sending a WhatsApp to 060 011 021 1. You can also follow @TheSAnews on X and The South African on Facebook for the latest news.