On 6 September 2021, SANSA was notified of a possible breach of the IT system. A file consisting of SANSA information was shared by a third party in the public domain.
An internal investigation was conducted, and it was determined that no network breach occurred. The file dump was from the public anonymous FTP server containing data that is already in the public domain and is active at the SANSA Hermanus facility. This SANSA-sanctioned public FTP server hosts public domain research data, papers and other miscellaneous files
This public FTP server was previously used to share files too large for e-mail or other distribution methods. Some student application information from 2016 was contained in a zip archive.
The following steps are being taken:
- The public anonymous access of the FTP server has been completely removed
- The Information regulator is being notified
- The affected parties are being notified
The takedown requests have been sent to sites and domains hosting the data; however, the data might appear on certain internet sites. Most of the data is information that can be accessed in the public domain as it refers to research-related work in Space Science.
No further attempts have been made to access SANSA data and all data security protocols are in place
SANSA confirms that NO data has been stolen. SANSA was not under threat of a ransomware attack and no ransom demands have been received.
For more information contact:
Daleen Fouche, Communications Practitioner
Vaneshree Maharaj, Communications Manager
