South Africa's National Credit Regulator reports cyber-attack disrupting some systems

South Africa's National Credit Regulator (NCR) published a cybersecurity incident notification confirming it has been the victim of a cyber-attack that disrupted certain systems and triggered incident response and recovery measures. Containment steps included isolating affected systems, disabling remote access, and implementing enhanced security controls. The NCR engaged independent cybersecurity specialists to support investigation and recovery, and notified relevant government and regulatory authorities, including the Information Regulator. An investigation is ongoing to verify claims by the criminal third parties and determine what data was involved, including whether and to what extent personal information was affected; stakeholders were also urged to remain vigilant about suspicious communications and to consider Protective Registration with the Southern African Fraud Prevention Service. The NCR is working to restore its environment securely to maintain continuity of operations and indicated that further updates will be provided as the investigation progresses.