The South African Police Service (SAPS) said at a press briefing today (22 May 2013) that no confidential information was leaked in the recent hack of its website.
“No criminal information or case information was compromised at all,” Lieutenant General Bonginkosi Solomon Ngubane told journalists.
Ngubane explained that the corporate systems of the SAPS are hosted in a building in the Pretoria CBD (which is a National Keypoint), while the website is hosted in the data centre of SITA in Centurion.
In a statement to the media, Ngubane maintained that the information that was accessed was information that is published usually, or information that is made public on the website in any case.
He explained that they had expanded the SAPS website feedback functionality where it was mainly used to submit things such as congratulatory messages, and that when they did so they should have changed the system to store the data more securely.
In future, Mashao said they will ensure that any such sensitive information is encrypted before being transmitted to where it will be stored securely.
Mashao said that of the roughly 15,000 lines of information stored, most was anonymous or not sensitive.
“What concerns us is that there are cases where people provided information [on potential crimes],” Mashao said.
Hacker’s Marikana statement unfair
Ngubane added to Mashao’s explanation by saying that people who submitted information without providing personally identifiable information are protected.
Information submitted to Crime Store also remained anonymous, Ngubane said.
Asked about the hacker’s statement that they were bringing attention to the fact that no-one had been brought to justice for the killings at Marikana, Ngubane said that he thought it was an unfair statement.
“There is a commission of inquiry that’s ongoing,” Ngubane said. “I think it’s an unfair statement to judge the police before the commission is finished.”