Telecom Namibia (TN), one of the country’s leading telecommunications companies, is investigating a cyberattack that resulted in the exposure of sensitive data belonging to nearly 500,000 individuals, businesses, and government entities. The attack, carried out by hackers known as Hunters International, occurred in late 2024 and led to the release of 630 gigabytes of data, including identity documents, banking details, contracts, and internal financial reports.
Data Breach Impact and Financial Losses
The leaked documents reveal a series of vulnerabilities within Telecom Namibia’s systems. One document highlighted issues with TN’s outdated billing system, which has significantly increased operational costs over the years. Expenses linked to the system rose from below N$95 million in 2023 to over N$105 million in 2024, with projections suggesting costs could reach N$135 million.
An internal audit from 2021 also flagged systemic weaknesses, including poor controls and record-keeping, which allowed employees to make unauthorized adjustments. For example, airtime worth N$100,000 was credited to one user’s account, while another received N$64,761 in airtime. The audit warned of financial and reputational risks if these issues were not addressed—a concern now validated by the recent breach.
The company estimates the financial damage from the attack at N$5.4 billion (USD 300 million).
Response and Security Enhancements
Telecom Namibia CEO Stanley Shanapinda confirmed that the company is working with law enforcement and cybersecurity teams to investigate the breach. Employees who were on leave have been called back to assist in forensic analyses as TN actively pursues leads.
Although the company has closed the security loopholes exploited during the attack, Shanapinda emphasized that no system is entirely immune to breaches. “The threat vector was addressed in November and December 2024, but continuous monitoring and updates to security measures are necessary,” he said.
As part of its response, TN is enhancing its security operations center and updating its cybersecurity protocols to prevent future attacks. Customers have been advised to update their passwords, monitor financial accounts, and avoid sharing leaked data, as distributing such information is illegal.
Hackers and Ransom Refusal
The attack was reportedly a ransomware incident. Hunters International demanded payment to avoid releasing the data, but TN refused to negotiate. Shanapinda reiterated that paying a ransom offers no guarantee of confidentiality, aligning with the company’s policy against engaging with cybercriminals.
The refusal to pay led to the release of sensitive information, including data from high-ranking government officials, further highlighting the severity of the attack. Outgoing President Nangolo Mbumba has labeled the breach a national security concern and called for stronger measures to protect the country’s digital infrastructure.
Moving Forward
Telecom Namibia’s recovery efforts also include seeking funding for a new billing system to replace its outdated one, which has been a known weak point for years. Namibia Post and Telecom Holdings Limited has committed N$235.6 million toward this upgrade.
This incident serves as a stark reminder of the increasing threat posed by cyberattacks and the importance of robust cybersecurity measures. For Telecom Namibia, the focus now lies on rebuilding trust, improving security, and ensuring its systems are better equipped to handle future threats.
