The beginning of the new year was marked by a bunch of major information security incidents. Let’s dive into the incidents, which happened with the International Civil Aviation Organization and South Africa Govchain and Cell C companies.

Notably, both cybersecurity incidents in South Africa occurred almost simultaneously. On the 3^rd of January, Govchain, a South African financial company, reported a data breach. Govchain is providing services related to the field of registration and compliance for business units. Thus, the company processes very sensitive data of numerous legal entities.

According to the report, a breach was noticed by the company’s security system, which registered a huge amount of errors. Govchain reacted to the incident by blocking access to its servers, deactivating applications, and launching an investigation. Under the guidelines of the Protection of Personal Information Act, Govchain notified the local Information Regulator and affected data subjects. Non-compliance with South African data protection legislation can result in fines of up to 525,000 United States dollars or imprisonment.

Company representatives claimed that the breach could potentially compromise some personal information. The exposed data set could potentially include documents required for the Financial Intelligence Centre Act verification and other register records sharing.

Cell C, a South African telecom company, reported a cybersecurity incident on the 8^th of January. According to the official statement, the incident affected parts of the company’s IT environment, and as a result, some customer data was exposed. The company officials noted the South African Information Regulator and started the proper investigation process.

It’s assumed that the amount of leaked data is around 2 TB. According to the preliminary findings, this leak was a result of phishing attacks, which took place earlier in 2023 and 2024. According to the official statement by Cell C’s Information Officer “Initial findings indicate that data related to a limited number of individuals may have been accessed by an unauthorized party.”

According to research company TFI, exposed data could contain credentials for a wide range of internal services and external portals, including Cell C’s fiber-to-the-home customer operations. As a result, a malicious actor could acquire private personal data, manipulate service orders, and compromise billing records through access to portals of other fiber network operators.

At the start of January, the International Civil Aviation Organization (ICAO) was targeted by a successful cyberattack. ICAO announced that it is investigating a “potential information security incident.” According to the claims, the stolen archive contains 2GB of data, which includes such information as:

• Names
• Dates of birth
• Addresses
• Phone numbers and email addresses
• Other data from potential candidates’ CVs.

ICAO has confirmed that the incident affected data from around 42,000 recruitment applications from 2016 to 2024. ICAO is now reaching out to 11,929 affected persons. According to the official statement, malicious actors gained only limited access to recruitment servers and failed to obtain any passwords, banking details or documents uploaded by applicants.

Thus, this incident didn’t affect any system related to aviation safety or security operations. It’s worth mentioning that a previous cyberattack targeted ICAO in 2016, and the organization stated that it will enhance security measures to prevent potential incidents.

The incident with South African company Cell C highlights the importance of robust and effective cybersecurity. Phishing attacks are usually used as a staging ground for further attacks. Almost half of successful cyberattacks used credentials gained from previous phishing attacks. Companies can empower cybersecurity by the means of security awareness training. Security culture is a cornerstone of cyber protection. A simple step-by-step manual for employees can empower the whole structure of the company’s defense against external threats. Take a brief look at our guide for detection of phishing emails.