City of Joburg website “hacking” case update

In August 2013 a security vulnerability was discovered in the City of Joburg’s (CoJ) online e-statements system which exposed residents’ and business’ personal details.

After this vulnerability hit the media, the City of Joburg shut down its e-statements system, and said that they regarded the breach of their system as a criminal act.

The city also opened a criminal case against “a suspected perpetrator” after a “thorough forensic investigation by the city and its private IT experts”.

However, many IT experts highlighted that poor web security was behind CoJ’s e-statements problems, and not a malicious attack.

The whistle-blower of the CoJ’s e-statement security vulnerability, Bidorbuy CTO Gerd Naschenweng, was revealed as the “suspected perpetrator”.

The Hawks started to investigate, but according to information received by MyBroadband the case was not seen as very strong.

In November the docket was transferred to the prosecutor for review and to decide whether to take the case to court.

To date Naschenweng has not been charged, and there are no further developments in the case.

MyBroadband asked the City of Joburg for an update on the case, but they said they could not provide any details.

“You will have to personally ask the police given that this matter left our domain when we lodged an official complaint with them in Hillbrow and Sandton,” said the City of Joburg’s Gabu Tugwana.

More on the City of Joburg security issue

Hawks investigating City of Joburg billing security issue

Shocking security flaw info emerges

City of Joburg opens criminal case against “hacker”

True story behind Joburg’s online security problems