In a major cybersecurity breach, hackers infiltrated the Central Bank of Uganda and stole $17 million from Treasury accounts.
The attack, attributed to the Southeast Asia-based hacker group “Waste”, took place in September. Reports suggest it was a partial inside job, with some bank employees allegedly aiding the cybercriminals. The stolen funds were transferred to two accounts in Japan and the UK.
To date, the bank has managed to recover more than half of the stolen amount. The remaining funds are still being traced as investigations continue. Ugandan authorities are awaiting a police report to determine the full extent of the breach and the involvement of insiders.
The incident underscores the growing vulnerabilities of financial institutions to cyberattacks, especially from coordinated international hacker groups.
While the Central Bank of Uganda has not disclosed specific details about how its firewalls were breached, the incident highlights the critical need for robust cybersecurity measures and employee vetting in financial institutions.