Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Senegal shuts National ID office after ransomware attack

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned […]

Senegal data breach

Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services.

Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned the country’s 19.5 million residents that operations were suspended while officials assessed the impact and worked to restore services securely.

The authorities sought to reassure citizens, stating that the incident did not affect the integrity of their data.

A new ransomware group called Green Blood Group claimed it breached the agency and stole 139 GB of data, including citizen records, biometric information, and immigration documents.

The group published a list of documents & backup files as proof of the hack.

Hackers leaked data and an email from Quik Saw Choo, senior GM at Malaysia’s IRIS Corporation, which is helping create Senegal’s digital ID cards. In the Jan 20 email, Choo told Senegalese officials that hackers breached two DAF servers on Jan 19, stealing card personalization data from one. IRIS cut network access to one server, changed passwords on the other, and blocked foreign mission connections. Choo said Malaysian cybersecurity experts were assisting and planned to travel to Dakar on Jan 22 to investigate and fix the issue.

“The cyberattack comes amid an ongoing standoff between the Senegalese state and Iris Corporation, the Malaysian firm awarded the contract to produce the country’s digital National Identification Cards (CNI). The dispute centers on unpaid invoices. According to sources, once the breach was detected, Iris Corporation requested that DAF shut down all systems while it prepared to dispatch its technical team to Dakar.” reported the Gambia Journal.

“That request has raised questions about a possible link between the commercial dispute and the cyberattack, although no official confirmation has been made. Authorities have so far not publicly attributed responsibility or detailed the scope of any data compromise.”

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Senegal)