Hackers Breach Uganda’s Central Bank, Ministry of Finance Downplays Extent of $17Million Loss Earlier Reported
Uganda’s Ministry of Finance has confirmed that accounts at the Bank of Uganda were hacked, though downplayed the reported scale of the theft. This announcement follows after series of reports that hackers had illicitly transferred 62 billion Ugandan shillings ($16.8 million) from the central bank.
The central bank acknowledged the breach in a statement, noting that it was awaiting the results of an investigation by the police’s Criminal Investigations Department. State Minister for Finance Henry Musasizi assured Parliament that the situation was under review, with both the Auditor General and law enforcement agencies probing the matter.
“It is true our accounts were hacked, but not to the extent of what is being reported. When this happened, we instituted an audit and an investigation,” Musasizi stated. “To avoid misrepresentation of facts, I request patience until the audit is finalized, which is now at the tail-end.”
Local media, citing unnamed sources, reported that a hacking group known as “Waste,” allegedly based in Southeast Asia, was responsible for the cyberattack. New Vision claimed that the group transferred funds to accounts in Japan and the UK.
According to reports, the Bank of Uganda has managed to recover more than half of the stolen money. UK authorities reportedly froze $7 million of the stolen funds, though a portion had already been withdrawn. Additionally, the hackers are said to have successfully moved $6 million to Japan.
Meanwhile, Daily Monitor provided a differing account, estimating the stolen amount at 47.8 billion Ugandan shillings ($13 million). The newspaper suggested possible collusion by insiders and reported that UK authorities had intervened to freeze part of the stolen funds.
The breach has sparked outrage among lawmakers, with Opposition MP Joel Ssenyonyi calling for greater transparency regarding the incident. “This is an attack on the central bank, and we need clarity on the extent of the breach and measures being taken to prevent such incidents in the future,” Ssenyonyi said.
Cyberattacks on financial institutions are not new to Uganda. However, police have noted that many banks are reluctant to publicize such breaches, fearing reputational damage and customer backlash.
This latest incident underscores the vulnerabilities in Uganda’s financial systems and the growing need for robust cybersecurity measures to safeguard national assets. Lawmakers and officials await the conclusion of the ongoing investigations to determine the full extent of the breach and recovery efforts.
