Stats SA confirms cybersecurity breach as over 400 000 job seekers face risk

Posted on March 30, 2026
57

By Bulelwa Hoala

Stats SA confirms cybersecurity breach as over 400 000 job seekers face risk
Image: Stats SA
  • Stats SA confirmed a cybersecurity breach on its HR system, with hackers claiming to have stolen over 453,000 files (154GB) and demanding a $100,000 ransom.
  • The breach is linked to the XP95 ransomware group, which previously targeted the Gauteng Provincial Government, exposing 3.8TB of data.
  • Job applicants who used the Stats SA portal may be at risk of phishing and fraud, and are advised to change passwords, stay alert, and monitor their credit.

The Department of Statistics South Africa (Stats SA) on Sunday, 29 March 2026, confirmed it had been hit by a cybersecurity breach affecting one of its human resources databases.

This comes after South African journalist and anti-crime activist Yusuf Abramjee revealed that Stats SA was the latest target of the XP95 ransomware group.

In a post on X, Abramjee said the group claims to have taken 453,362 files, amounting to 154GB of data, and is demanding a ransom by 20 April.

ITWeb reports that the ransom demand is $100,000 (approximately R1.7 million).

According to Stats SA, the breach was limited to the HR system used by job seekers to apply online.

The department also confirmed that it will be guided by the Information Regulator on the way forward.

“The national statistics office is part of a wider government response to matters dealing with cybersecurity breaches. Stats SA will notify the Information Regulator and will be guided by their processes,” the department said in a statement.

BusinessTech reports that the attack follows another breach by XP95 on a Gauteng provincial government department earlier this month.

That breach saw 3.8TB of personal data being stolen and put up for sale for R400,000.

What does this mean for you?

Stats SA holds some of South Africa’s most important data, including census information, inflation rates, and employment figures.

For the average South African job seeker, this means personal information such as ID numbers, home addresses, and employment history could potentially be exposed.

If you have used the Stats SA portal to apply for work, you may be at risk of phishing scams and digital fraud.

What to do if you applied for a job via Stats SA recently:

  • Change passwords: If you used the same password across multiple platforms, update them immediately
  • Be alert: Watch for suspicious SMSes or emails asking for “verification” of personal or banking details
  • Check your credit profile: Use services like TransUnion to ensure no fraudulent accounts have been opened in your name

READ NEXT: What’s killing South Africans? The leading causes of death revealed

Exit mobile version