The recent exposé by GroundUp and HeartFM has revealed potential massive fraud within social grants agency Sassa’s Social Relief of Distress (SRD) system.
Uncovered by two-first year computer science students, 300 000 IDs were queried against the SRD system, showing that almost 75 000 of those IDs were used in SRD applications.
These IDs all belong to people born in February 2005. While StatsSA data shows that 82 000 people were born within that month, this means there was a 91% application rate of people born in that month – a highly questionable figure.
While Sassa initially admitted that widespread fraud exists, it later denied the claims from the report, insisting on the effectiveness of its cybersecurity countermeasures.
However, the fact remains that these students have identified several cyber vulnerabilities that Sassa’s system harbours. This matter also raises serious concerns about the management of personal data, especially considering that 28 million South Africans rely on Sassa grants. Those affected by potential ID fraud may find it difficult to access much-needed support in the future.
Fragmented
This situation underscores the fact that government IT systems are fragmented, with very few talking to one another. Strengthening local data management through investment in data governance systems and cybersecurity professionals is crucial.
South Africa must prioritise data security by relying on local talent and infrastructure to secure sensitive information.
Stefan Gerber
Co-founder, Tregter
- TechCentral welcomes letters to the editor. Please send correspondence to editor at techcentral dot co dot za. Correspondence will be published at the editor’s discretion