Concern as TTCL data reportedly stolen by hackers

Dar es Salaam. Tanzania Telecommunications Company Limited (TTCL) yesterday denied reports that its website had been attacked by a group of international hackers known as Anonymous and data stolen.

ICT website Softpedia reported on Monday that the hackers had accessed and dumped on the web particulars of thousands of TTCL employees, including real names, email addresses, telephone numbers, their departments and job titles.

“The data seems to have been stolen from the company’s website because other than employee details, the hackers also dumped data for users that had an account on the site, information that included usernames and passwords,” says the Softpedia report.

However, TTCL Public Relations Manager Nicodemus Mushi told The Citizen yesterday that they had not traced any breach of their systems and had not seen any leaked files online.

“We learnt of the hacking claims on Monday night and our technicians immediately probed the matter, but as we are speaking now, we have not detected any signs of an attack. We’re sure that all our files are safe and secure,” Mr Mushi said in a telephone interview.

He also clarified that TTCL had only 1,557 workers across the country and not the tens of thousands whose details had reportedly been stolen. The reports suggested that up to 64,000 people had their details obtained from the TTCL website.

Had their website been hacked, Mr Mushi said, they would have experienced troubles in operating it and would also have seen the leaked documents dumped online, but neither had happened.

“Our systems are secure. As far as the telecoms sector is concerned, we have the best minds in the country and they are a step ahead of local and international hackers.”

But Anonymous are currently one of the world’s most powerful and elusive “hacktivists”

In a successful hacking operation late last year, codenamed #OpParis following the terror attacks in Paris, they managed to take down more than 20,000 Twitter accounts affiliated to the Islamic State (IS) militant group or its sympathizers.

Late last month, they launched #OpAfrica campaign, and, according a press release seen online by The Citizen, they said “the focus of the operation is a disassembly of corporations and governments that enable and perpetuate corruption on the African continent”.

These include organisations linked with child abuse/labour as well as internet censorship within the continent and globally.

“We are fighting alongside other operations such as #OpNigeria and #AnonymousSA to help free the continent from the plague of exploitation that has been occurring for centuries,” they said.

The hackers went on to issue what they called the “first target list”, which includes the governments of Tanzania, Rwanda, Uganda, South African, Zimbabwe, Ethiopia, Sudan and South Sudan.

Prior to the alleged TTCL hacking, the group was reported to have launched a cyber attack on Broadband Systems Corporation, a Rwandan IT firm that provides high-quality video conferencing software for the Rwandan government.

Hackers gained access to the company’s email accounts, along with its ticketing system, from where they dumped the database’s content that contained details such as employees’ names, email addresses, hashed passwords and phone numbers.

Uganda’s Ministry of Finance has also reportedly been attacked, with the hackers said to have breached the ministry’s database and dumped online the details of 220 government employees, including their real names, emails, phone numbers, usernames and passwords.

However, there is already resentment over #OpAfrica, with Softpedia reporting that many have argued that the group “is not actually helping since it is not doing anything except hack government agencies and state-owned companies that have weak security measures and then dump data of innocent people online, exposing them to various types of dangers”

Former government ICT coordinator August Kowero told The Citizen that while the security implications of the systems of a corporation like TTCL being hacked were serious, it was not an easy thing to do even by international hackers.

“I don’t see TTCL being particularly prone to cyber attacks. They are using fixed networks...you can’t breach their systems, unless you cut the cables manually. Almost all government data is stored this way for protection,” he said.

Mr Kowero, who is now a consultant, said advances in technology and availability of high quality anti-hacking software means that corporations such as TTCL are well protected against online threats.”