Millions of South Africans are at risk following a surge in cybersecurity breaches targeting key state and private institutions, compromising their confidential medical and financial data. The Information Regulator received 3 219 data breach notifications between April 2025 and March 2026, with 1 858 linked to the financial services sector.
According to the regulator, the leaks are largely driven by human error and internal system failures rather than external cyberattacks. Spokesperson Nomzamo Zondi explains that not every security compromise results in a formal investigation, as notifications are evaluated using a risk-rating matrix that considers the severity of the incident and potential harm.
Cybersecurity Threats on the Rise
Cyber experts say the issue is systemic, and that both cyberattacks and human error are driving the exposure of sensitive systems. Chris Norton from cybersecurity company Kaspersky notes that attacks on major institutions are not isolated events, but reflect a broader shift towards credential theft, weakly protected cloud access, phishing, and the reuse of compromised data at scale.
Norton says stolen login details are increasingly central to cybercrime, with more than one million online banking accounts compromised globally in 2025 by infostealers. This has created a more persistent, quieter threat environment, with ransomware, phishing, and AI-driven scams changing the kinds of threats encountered.
Organisations Slow to Respond
Despite growing awareness, Norton says most organisations are slow to respond to potential threats, relying on fragmented tools, manual processes, and reactive controls that can lead to alert fatigue and gaps in policy enforcement. In South Africa, only 46% of professionals surveyed by Kaspersky reported receiving training on digital threats, even though half encountered scams disguised as internal or supplier messages in the past year.
To combat rising cybercrime, experts urge the South African government to prioritise the enforcement of SIM card registration laws as a critical step in enhancing national security. As the South African government continues to address systemic flaws, institutions must also take responsibility for protecting sensitive information and investing in robust cybersecurity measures.
- 3 219 data breach notifications received by the Information Regulator
- 1 858 breaches linked to the financial services sector
- 2 677 notifications classified as non-cyber compromises, including human errors and organisational practices