The International Trade Administration Commission of South Africa (Itac) has become the latest state entity to fall prey to a ransomware attack.
Itac has warned that the cyber security breach earlier this year may have led to a data leak, including the personal information of exporters and importers.
The regulatory body said in a statement on Monday that the attack, which took place on January 2, had locked its staff out of its IT system and encrypted files.
According to News 24, an unknown suspect then demanded a ransom payment to restore the system.
The IT system was shut down while security measures, such as firewalls, were updated.
Itac commissioner Ayabonga Cawe said private information, such as the personal information of its staff, service providers and importers had been accessed on the system during the breach.
"We are publishing this notice to alert all stakeholders to the fact that there is a chance this security compromise may affect them.
“It is therefore important that you know that the person who perpetrated the security compromise may have accessed, and possibly extracted, personal information that you submitted to Itac," Cawe has said.
He said the delay in warning those at risk was because of ongoing investigations into the attack.
“The delay in the publication of this notice was due to the need for Itac to investigate the security compromise and restore the integrity of its information systems.
“Also, it was considered vital not to pre-empt the investigations that had been initiated since Itac became aware of the security compromise,” he said.
Itac has warned those at risk to remain on high alert and not disclose any information such as PINs or passwords over phone, email or text messages, and to avoid suspicious links.