Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Gauteng Provincial Government

Gauteng Provincial Government Vendor Cyber Rating & Cyber Score

gautengonline.gov.za

Mandate of the Gauteng Provincial Government The Premier is the executive authority of the province, who is sometimes exercised together with members of the executive council. The Premier, working with the executive council, exercises executive power by: implementing provincial legislation in the province implementing national legislation administering national legislation in the province, if assigned by parliament developing and implementing provincial policy coordinating the functions of the provincial administration and its departments performing any other function assigned to the provincial executive in terms of the constitution or law Mission To support the Premier and Executive Council in implementing Gauteng


GPG A.I CyberSecurity Scoring

GPG
Company Information
Website:http://www.gautengonline.gov.za
Employees number:6,207
Number of followers:12,344
NAICS:92
Industry Type:Government Administration
Homepage:gautengonline.gov.za
GPG Risk Score (AI oriented)
Between 600 and 649
logo
GPGGovernment Administration
Updated:
17/03/2026
641/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
GPG Global Score (TPRM)
xxxx
logo
GPGGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

GPG
GPGPoor
Current Score
641Caa (POOR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
650Before Incident
JUNE 2026
648Before Incident
MAY 2026
645Before Incident
APRIL 2026
644Before Incident
MARCH 2026
641Before Incident
FEBRUARY 2026
639Before Incident
JANUARY 2026
637Before Incident
DECEMBER 2025
635Before Incident
NOVEMBER 2025
632Before Incident
OCTOBER 2025
629Before Incident
SEPTEMBER 2025
627Before Incident
AUGUST 2025
624Before Incident
DECEMBER 2024
771Before Incident
Ransomware
01 Dec 2024GPG
Gauteng Provincial Government: Gauteng was lucky with latest 3.8TB data breach, but the luck will run out

Gauteng Provincial Government Hit by Massive Ransomware Breach Exposing 3.8TB of Citizen Data

597After Incident
CRITICAL-174
GAU1773786805
Gauteng Provincial Government Hit by Massive Ransomware Breach Exposing 3.8TB of Citizen Data A newly emerged ransomware group, XP95, has leaked 3.8 terabytes of sensitive data stolen from the Gauteng Provincial Government, exposing millions of personal records. The breach, confirmed by threat intelligence firm Darknotify, includes 3,673,556 files among them high-resolution ID documents, passports, and CVs likely belonging to job seekers who submitted applications to the province. The attackers, operating under a Ransomware-as-a-Service (RaaS) model, have demanded $25,000 (R417,300) for the return of the data. To validate their claim, they released a 1.8GB sample of the stolen files on the dark web. Gauteng Premier Panyaza Lesufi acknowledged the breach, stating that internal security protocols had been activated, while spokesperson Elijah Mhlanga urged against speculation. Forensic analysis by Darknotify revealed the breach likely originated from an unsecured, internet-facing scanner server a critical oversight that bypassed the need for phishing or social engineering. The incident underscores a deeper systemic failure: 70% of Gauteng’s network devices (1,734 units) had reached end-of-service (EOS), and its core infrastructure hit end-of-life in December 2024, leaving it vulnerable for over a year. South Africa faces an average of 2,145 cyberattacks per week, making such breaches statistically inevitable. However, the root cause extends beyond technical neglect. Bureaucratic inefficiency, particularly reliance on the State Information Technology Agency (Sita) for IT procurement, has left departments trapped with outdated systems. Meanwhile, the Gauteng government has prioritized high-profile projects such as CCTV surveillance, drones, and a panic-button app over fortifying its digital backbone, expanding its attack surface without addressing core vulnerabilities. The breach follows a pattern of state cybersecurity failures in South Africa, including attacks on City Power, the Department of Justice, and the National Health Laboratory Service. While Gauteng’s exposure of citizen data is severe, the compromised server was isolated not tied to critical infrastructure like treasury systems or power grids. Experts warn that without urgent upgrades, a more targeted attack could have far graver consequences. The incident reveals a perfect storm of neglect: obsolete hardware, misallocated budgets, and a severe shortage of cybersecurity talent, with only one in three public sector cybersecurity roles filled. Gauteng’s breach may have been a near-miss, but the underlying weaknesses remain unaddressed.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain (ransom demand)
IMPACT
Data Compromised: 3.8TB (3,673,556 files)Systems Affected: Unsecured scanner server, Gauteng Provincial Government networkOperational Impact: Internal security protocols activated, potential disruption to government servicesBrand Reputation Impact: Severe (exposure of citizen data, public acknowledgment of breach)Identity Theft Risk: High (exposure of ID documents, passports, and CVs)
DATA BREACH
ID documentsPassportsCVsNumber Of Records Exposed: 3,673,556 filesSensitivity Of Data: High (personally identifiable information, government-related data)Data Exfiltration: Yes (3.8TB leaked, 1.8GB sample released on dark web)High-resolution imagesPDFsDocumentsPersonally Identifiable Information: Yes (ID documents, passports, CVs)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for GPG ?
?
What was GPG's A.I Rankiteo Cyber Score in June 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in May 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in April 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in March 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in February 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in January 2026 ?
?
What was GPG's A.I Rankiteo Cyber Score in December 2025 ?
?
What was GPG's A.I Rankiteo Cyber Score in November 2025 ?
?
What was GPG's A.I Rankiteo Cyber Score in October 2025 ?
?
What was GPG's A.I Rankiteo Cyber Score in September 2025 ?
?
What was GPG's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on GPG's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with GPG ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view GPG's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?