Cybercriminals Target Uganda’s Central Bank in $16.8 Million Heist
Government Downplays Extent of Theft
Uganda’s financial sector has been rocked by a major cyberattack, with hackers allegedly stealing 62 billion Ugandan shillings (approximately $16.8 million) from the Bank of Uganda (BoU), the country’s central banking institution.
According to local media reports, a group of Asia-based hackers, identifying themselves as “Waste,” infiltrated the BoU’s IT systems and illicitly transferred the funds to offshore accounts in Japan and the United Kingdom. The brazen heist has raised serious concerns about the vulnerabilities of Uganda’s financial infrastructure.
While the Ugandan government has confirmed the breach, officials have sought to downplay the scale of the theft. Henry Musasizi, the Minister of State for Finance, told Parliament that the extent of the hacking has been exaggerated in some reports.
“I wish to state that our accounts were hacked but not to the extent being reported,” Musasizi said, adding that investigations by the Auditor General and the Criminal Investigation Department are ongoing, with findings expected within a month.
However, the opposition has expressed alarm over the incident, with Joel Ssenyonyi, the opposition leader, questioning the government’s transparency and the broader security challenges facing Uganda’s banking sector.
“It alarmed me because this is our Central Bank. I thought the government should help us understand; it is important that we know what exactly is happening,” Ssenyonyi said, noting that multiple commercial banks in the country have experienced fraud in recent months.
While the Ugandan government has claimed that more than half of the stolen funds have been recovered, the incident highlights the growing threat of cybercrime targeting Africa’s financial institutions. In 2022 alone, Uganda lost an estimated $4 million due to cyber-related incidents, with banks and other financial entities being primary targets.
The vulnerability of Uganda’s central bank to such a brazen attack raises concerns about the country’s overall cybersecurity preparedness and the need for an overhaul of its financial sector’s security measures.
