Story image

Uganda data centre raided, operator ‘held hostage’

09 Jul 18

A major data centre in Kampala, Uganda has allegedly been pillaged by government officials.

The concerning news comes at a time when data protection and privacy is a hot issue.

Uganda’s Daily Monitor managed to get a copy of a letter of complaint sent from MTN Uganda (a local telco company) to the government’s Internal Security Organisation (ISO).

The letter implied that the company’s data centre had been trespassed by security men purporting to be from ISO who accessed their servers before disconnecting four of them.

This came after a man who had physical access to the MTN IT Data Centre was ‘kidnapped’.

According to the letter, Huawei Uganda data facilities manager Moses Keefah Musasizi was seized at 5pm on July 2 before being held hostage at the ISO headquarters until 9pm when he was taken to the MTN data centre and coerced to provide access.

“We are yet to determine the extent of interruption to our network activities and the financial impact. It is also possible that some data have been tempered with or illegally accessed and taken from the premise,” the letter reads in part.

“The intrusion into the data was properly captured by our closed circuit television (CCTV cameras.”

Following the breach, MTN Uganda reported the case to the local police and stressed that they had received no warning.

“We await police investigation to determine the nature and motive of the above officers. It is important we had not received search warrant, court order or a request for information that not been attended to, warranting the above action,” the letter reads.

“This incident poses a serious security risk to telecommunication infrastructure and customer data which are protected under the Uganda Communication Act 2013. Our servers have been off since yesterday and are yet to be reconnected. As a result, MTN is currently unable to offer some services such as processing of call data records, resolution of customer queries and Mobile Money Micro-lending.”

According to MTN, the letter was copied to Minister of ICT and National Guidance, Minister of Security, Minister of Internal Affairs, Inspector General of Police, and the head of Chieftaincy of Military Intelligence.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.