No Network Breach at SANSA

On 6 September 2021, SANSA was notified of a possible breach of the IT system. A file consisting of SANSA information was shared by a third party in the public domain.

An internal investigation was conducted, and it was determined that no network breach occurred. The file dump was from the public anonymous FTP server containing data that is already in the public domain and is active at the SANSA Hermanus facility. This SANSA-sanctioned public FTP server hosts public domain research data, papers and other miscellaneous files

This public FTP server was previously used to share files too large for e-mail or other distribution methods. Some student application information from 2016 was contained in a zip archive.

The following steps are being taken:

  • The public anonymous access of the FTP server has been completely removed
  • The Information regulator is being notified
  • The affected parties are being notified

The takedown requests have been sent to sites and domains hosting the data; however, the data might appear on certain internet sites. Most of the data is information that can be accessed in the public domain as it refers to research-related work in Space Science.

No further attempts have been made to access SANSA data and all data security protocols are in place

SANSA confirms that NO data has been stolen. SANSA was not under threat of a ransomware attack and no ransom demands have been received.


For more information contact:

Daleen Fouche, Communications Practitioner

Vaneshree Maharaj, Communications Manager

Vaneshree Maharaj