{"id":649690,"date":"2026-05-25T15:49:42","date_gmt":"2026-05-25T13:49:42","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=649690"},"modified":"2026-05-25T15:55:28","modified_gmt":"2026-05-25T13:55:28","slug":"sars-throws-water-on-nigerian-hack-claims","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/649690-sars-throws-water-on-nigerian-hack-claims.html","title":{"rendered":"SARS denies it was breached by Nigerian hacker group"},"content":{"rendered":"\n<p>The South African Revenue Service (SARS) said claims by a hacktivist group that its systems have been breached were false and unsubstantiated.<\/p>\n\n\n\n<p>Over the weekend, a group calling itself Nullsec Nigeria <a href=\"https:\/\/mybroadband.co.za\/news\/security\/649464-nigerian-hacking-group-claims-it-breached-sars.html\">said it breached<\/a> SARS and the South African Information Technology Agency (SITA).<\/p>\n\n\n\n<p>SITA denied that it had been breached on Sunday. SARS issued a statement on Monday denying that any foreign threat actors compromised its systems.<\/p>\n\n\n\n<p>\u201cSARS continuously monitors its systems for any suspicious activity and has conducted a thorough investigation in response to these reports,\u201d it said.<\/p>\n\n\n\n<p>\u201cAt this stage, there is no evidence that SARS\u2019s systems have been compromised. SARS wishes to reassure the public regarding the integrity of its systems.\u201d<\/p>\n\n\n\n<p>The revenue service said it treated the protection of taxpayer information and the security of its digital platforms as sacrosanct and considers them core responsibilities.<\/p>\n\n\n\n<p>\u201cThis dovetails with SARS\u2019s broader commitment to build a smart, modern institution with unquestionable integrity, and to strengthen public trust and confidence in the tax administration system,\u201d it said.<\/p>\n\n\n\n<p>\u201cSARS will continue to monitor its digital environment and, where necessary, will communicate through its official platforms.\u201d<\/p>\n\n\n\n<p>On 23 May 2026, Nullsec Nigeria, which previously operated under the name Anonymous Nigeria, posted links on a hacker forum to allegedly compromised data from two South African organisations.<\/p>\n\n\n\n<p>It claimed the SARS data included names, email addresses and passwords used on official websites. The SITA link allegedly contained names, passwords, and the platforms used to access SITA services.<\/p>\n\n\n\n<p>MyBroadband reported on Sunday that the breach did not appear to be legitimate after a South African cybersecurity researcher analysed the data.<\/p>\n\n\n\n<p>\u201cIn my opinion, there is not enough information to confirm the SARS and SITA breach claims are real,\u201d they said.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Nullsec doubles down<\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1200\" height=\"675\" src=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/05\/Nullsec-Nigeria-headline-image.jpg\" alt=\"\" class=\"wp-image-647969\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/05\/Nullsec-Nigeria-headline-image.jpg 1200w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/05\/Nullsec-Nigeria-headline-image-600x338.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2026\/05\/Nullsec-Nigeria-headline-image-768x432.jpg 768w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><figcaption class=\"wp-element-caption\">Nullsec Nigeria\u2019s logo<\/figcaption><\/figure>\n\n\n\n<p>Nullsec Nigeria told MyBroadband via the encrypted messaging service Session that the breaches were real and that it would not leak information belonging to South African citizens.<\/p>\n\n\n\n<p>\u201cThey\u2019ll deny it or find a way to fix the problem so fast it makes us look like fools. That data is the real data,\u201d they said.<\/p>\n\n\n\n<p>\u201cAll the documents which were from the hacks are based on ignorance of proper security. The government of South Africa must know those cheap games ain\u2019t a game anymore.\u201d<\/p>\n\n\n\n<p>MyBroadband could not independently verify the breaches due to insufficient evidence from the Nigerian group.<\/p>\n\n\n\n<p>SITA head of corporate affairs, Tlali Tlali, said the organisation\u2019s ICT infrastructure had not been compromised and that its systems were fully intact.<\/p>\n\n\n\n<p>Tlali explained that SITA\u2019s security teams operate 24\/7 and are equipped with monitoring and threat-detection capabilities.<\/p>\n\n\n\n<p>\u201cAll systems have been tested and verified as fully operational, and no anomalies indicative of a cyberattack have been identified,\u201d the organisation said.<\/p>\n\n\n\n<p>SITA, which operates the South African government\u2019s digital infrastructure, said that only one significant government organisation\u2019s website was down at the time of its feedback to MyBroadband.<\/p>\n\n\n\n<p>This was the website of the South African Police Service (SAPS), which we verified was inaccessible at various times on Saturday, 23 May, and Sunday, 24 May.<\/p>\n\n\n\n<p>\u201cWe wish to clarify that the downtime of a website of that department is the direct result of a scheduled and planned maintenance window,\u201d Tlali said.<\/p>\n\n\n\n<p>Users visiting the SAPS website received a message that it was unreachable. Nullsec Nigeria posted that the site was \u201ctango down\u201d on its Telegram channel, leading to assumptions that it had attacked the site.<\/p>\n\n\n\n<p>Last week, Nullsec Nigeria also <a href=\"https:\/\/mybroadband.co.za\/news\/security\/647968-anonymous-nigeria-attacks-south-africa.html\">claimed responsibility for breaching systems<\/a> belonging to the Department of Correctional Services and posted links to alleged exfiltrated data.<\/p>\n\n\n\n<p>At the time, the group said the hacks were part of a coordinated effort by multiple threat actor groups in a campaign dubbed #OpSouthAfrica.<\/p>\n\n\n\n<p>The campaign aimed to attack South African government organisations amid the increased incidence of xenophobic attacks on foreign nationals in South Africa, including Nigerians.<\/p>\n\n\n\n<p>\u201cWe\u2019ll expose all your evil deeds for the world to see, unless this attack stops. But if not, we\u2019ll leak everything they got,\u201d the group said.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The South African Revenue Service denied claims that its systems were compromised by the hacker group Nullsec Nigeria.<\/p>\n","protected":false},"author":341213,"featured_media":649695,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_sma_x_autopost_status":"idle","_sma_x_autopost_error":"","_sma_x_post_id":"","_sma_x_attempts":0,"footnotes":""},"categories":[27],"tags":[105377,104690,15227,105290,509,4104,105469,4336,4486],"class_list":["post-649690","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-opsouthafrica","tag-breaches","tag-cybersecurity","tag-nullsec-nigeria","tag-sars","tag-sita","tag-south-african-information-technology-agency","tag-south-african-revenue-service","tag-tlali-tlali"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/649690"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/341213"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=649690"}],"version-history":[{"count":5,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/649690\/revisions"}],"predecessor-version":[{"id":649709,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/649690\/revisions\/649709"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/649695"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=649690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=649690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=649690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}