The Gauteng provincial government has launched an investigation into allegations of a suspected breach of government information.
A message posted on an online forum claimed to have successfully extracted the Gauteng provincial government database.
“Thanks for reading and enjoy! Official online portal for the government of Gauteng, a province in South Africa. The website provides residents, businesses and visitors with access to important government information, services and updates. It includes details about different government departments, public programmes, healthcare, education, housing and economic development initiatives,” reads the message.
The breach is said to include 3 673 556 individual files, totalling 3.8 TB of data. It’s on the market for $25 000.
Data breach allegations probe
On Friday, the Gauteng provincial government said the matter was being treated “with the seriousness it deserves”.
A preliminary investigation has already been initiated to establish the facts and determine the extent of the alleged breach, said spokesperson Elijah Mhlanga.
“At this stage, it would be premature to speculate on the details while the investigation is underway. The relevant internal processes have been activated, and the appropriate authorities are being engaged to assist in the investigation,” Mhlanga.
ALSO READ: Cyber Month: Scammers ‘hacking kindness’ – AI and ubuntu used for fraud
“The Gauteng provincial government remains committed to safeguarding government information and ensuring that all systems and processes are managed in line with applicable laws, regulations and protocols.”
Mhlanga said further communication would be provided once the investigation has progressed and more information becomes available.
Gauteng premier Panyaza Lesufi assured the public that the government was “on it”.
SA data breaches surge 40%
In November last year, the Information Regulator raised deep concern about the number of compromise incidents occurring in the country.
In the 2024-25 financial year, organisations reported 2 374 security compromise incidents (data breaches), averaging 198 notifications per month.
At the time, it said that since April 2025, organisations had reported 1 947 data compromises to the regulator. This equalled an average of 284 notifications per month. The figure showed a 40% increase in reported security breaches.
The regulator called on both public and private sectors to invest in better data protection systems. It urged them to develop and maintain technical and organisational measures that protect personal information. These measures must ensure the integrity and confidentiality of the data they hold.
Additional reporting by Chulumanco Mahamba
NOW READ: Wits University hit by cyber attack
About the Author
