GPG A.I CyberSecurity Scoring
GPG
Company Information
Website:http://www.gautengonline.gov.za
Employees number:6,207
Number of followers:12,344
NAICS:92
Industry Type:Government Administration
Homepage:gautengonline.gov.za
GPG Risk Score (AI oriented)
Between 600 and 649
GPGGovernment Administration
Updated:
17/03/2026
17/03/2026
641/1000
Poor
Caa
GPG Global Score (TPRM)
xxxx
GPGGovernment Administration
Score locked

GPGPoor
Current Score
641Caa (POOR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
650
JUNE 2026
648
MAY 2026
645
APRIL 2026
644
MARCH 2026
641
FEBRUARY 2026
639
JANUARY 2026
637
DECEMBER 2025
635
NOVEMBER 2025
632
OCTOBER 2025
629
SEPTEMBER 2025
627
AUGUST 2025
624
DECEMBER 2024
771
Ransomware
01 Dec 2024 • GPG
Gauteng Provincial Government: Gauteng was lucky with latest 3.8TB data breach, but the luck will run out
Gauteng Provincial Government Hit by Massive Ransomware Breach Exposing 3.8TB of Citizen Data
597
CRITICAL-174
GAU1773786805
Gauteng Provincial Government Hit by Massive Ransomware Breach Exposing 3.8TB of Citizen Data
A newly emerged ransomware group, XP95, has leaked 3.8 terabytes of sensitive data stolen from the Gauteng Provincial Government, exposing millions of personal records. The breach, confirmed by threat intelligence firm Darknotify, includes 3,673,556 files among them high-resolution ID documents, passports, and CVs likely belonging to job seekers who submitted applications to the province.
The attackers, operating under a Ransomware-as-a-Service (RaaS) model, have demanded $25,000 (R417,300) for the return of the data. To validate their claim, they released a 1.8GB sample of the stolen files on the dark web. Gauteng Premier Panyaza Lesufi acknowledged the breach, stating that internal security protocols had been activated, while spokesperson Elijah Mhlanga urged against speculation.
Forensic analysis by Darknotify revealed the breach likely originated from an unsecured, internet-facing scanner server a critical oversight that bypassed the need for phishing or social engineering. The incident underscores a deeper systemic failure: 70% of Gauteng’s network devices (1,734 units) had reached end-of-service (EOS), and its core infrastructure hit end-of-life in December 2024, leaving it vulnerable for over a year.
South Africa faces an average of 2,145 cyberattacks per week, making such breaches statistically inevitable. However, the root cause extends beyond technical neglect. Bureaucratic inefficiency, particularly reliance on the State Information Technology Agency (Sita) for IT procurement, has left departments trapped with outdated systems. Meanwhile, the Gauteng government has prioritized high-profile projects such as CCTV surveillance, drones, and a panic-button app over fortifying its digital backbone, expanding its attack surface without addressing core vulnerabilities.
The breach follows a pattern of state cybersecurity failures in South Africa, including attacks on City Power, the Department of Justice, and the National Health Laboratory Service. While Gauteng’s exposure of citizen data is severe, the compromised server was isolated not tied to critical infrastructure like treasury systems or power grids. Experts warn that without urgent upgrades, a more targeted attack could have far graver consequences.
The incident reveals a perfect storm of neglect: obsolete hardware, misallocated budgets, and a severe shortage of cybersecurity talent, with only one in three public sector cybersecurity roles filled. Gauteng’s breach may have been a near-miss, but the underlying weaknesses remain unaddressed.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for GPG ??
What was GPG's A.I Rankiteo Cyber Score in June 2026 ??
What was GPG's A.I Rankiteo Cyber Score in May 2026 ??
What was GPG's A.I Rankiteo Cyber Score in April 2026 ??
What was GPG's A.I Rankiteo Cyber Score in March 2026 ??
What was GPG's A.I Rankiteo Cyber Score in February 2026 ??
What was GPG's A.I Rankiteo Cyber Score in January 2026 ??
What was GPG's A.I Rankiteo Cyber Score in December 2025 ??
What was GPG's A.I Rankiteo Cyber Score in November 2025 ??
What was GPG's A.I Rankiteo Cyber Score in October 2025 ??
What was GPG's A.I Rankiteo Cyber Score in September 2025 ??
What was GPG's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on GPG's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with GPG ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view GPG's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?