top of page

SUCCESS PROJECT: SSS NEUTRALISES DATA BREACH & RECOVERS CRITICAL INFRASTRUCTURE WITHIN 13 MINUTES

  • 3 hours ago
  • 4 min read

PLEASE SHARE THIS PUBLIC DOCUMENT

In recent weeks, South Africa has been targeted by a large-scale, coordinated cyber extortion campaign,

with Distributed Denial of Service (DDoS) attacks crippling multiple internet infrastructure providers.

Among those affected were undersea cable operator Seacom, web hosts such as Host Africa, Domains.co.za

Xneelo, 1-Grid, Liquid Intelligent Technologies, and infrastructure provider Network Platforms.

News publications and government services also experienced intermittent outages.

RECENT DOWN DETECTOR ACTIVITY DURING ONGOING ATTACKS:

On Wednesday, 20 May 2026, during the height of this ongoing campaign, Specialised Security Services (SSS) detected a sophisticated cyberattack targeting its own digital infrastructure. The attack combined a high-volume DDoS assault—intended to disrupt service availability—with an active data breach attempt designed to exfiltrate sensitive information.


The SSS Cybercrime unit is thoroughly prepared for such incidents owing to the rapid increase of cyber threats in South Africa, and immediately activated its incident response protocols. The ongoing DDoS attack temporarily impacted the availability of the SSS Project system, but the data breach attempt was identified and blocked within minutes.


No data loss or data breach occurred during the incident.


SSS successfully recovered all critical online infrastructure within 13 minutes of detection. The threat was eliminated, systems were restored, and continuity was maintained.

This attack is part of ongoing cyber threats targeting South African infrastructure over the past several weeks. A group identifying itself as "Black Matter" has claimed responsibility for similar attacks targeting other South African companies. At this stage, it cannot be verified that the original Black Matter group is involved, as they have been inactive for years. It is suspected that the current group is a copycat group—either attempting to capitalise on an infamous name or deliberately creating a false flag to obscure their true identity.


The SSS Cyber unit has noted that ransom demands in some of the attacks were as low as R16,000 in cryptocurrency, which is unusually low given the immense scale of the attacks (peaks exceeding 1 Tbps in some cases). This has raised concerns that the campaign may be about more than money, potentially serving to test South Africa's internet and security infrastructure, or to probe for data theft vulnerabilities.

PUBLIC WARNING AND APPEAL:

SSS warns all South African organisations—particularly web hosts, telecom providers, financial institutions, and government entities—that the current wave of DDoS attacks may be a diversion for simultaneous data breach attempts. Do not assume that a DDoS attack is purely a denial-of-service incident.

Any organisation experiencing unexplained network degradation, unusual outbound traffic, or DDoS activity should immediately initiate breach detection protocols.

SSS urges the public and private sectors not to pay ransoms to the "Black Matter" copycat group without forensic validation, as such payments may fund further attacks or encourage copycat criminal enterprises.

STATEMENT FROM THE SSS CYBERCRIME UNIT:

"In successfully blocking this data breach and recovering our critical infrastructure within 13 minutes, the SSS Cybercrime unit has demonstrated that preparation, not panic, is the strongest defence against modern cyber threats.

Our goal is not merely to protect SSS—it is to share our methodology, assist law enforcement, and help other South African organisations to avoid becoming victims of this ongoing campaign.

It is only for this reason that we are disclosing the details of this incident: to warn others, to encourage cooperation with authorities, and to help bring an end to this wave of cyber extortion targeting our nation."

THE INVESTIGATION OF THIS MATTER IS ONGOING.

IF YOU HAVE INFORMATION, PLEASE CONTACT OUR SSS SPECIALIST INVESTIGATOR:


MR. ANTHONY BOUCHER

Contact Number: +27 64 747 3323

Specialised Security Services invites the public to the Mike Bolhuis Daily Projects WhatsApp Channel.

This channel is important in delivering insights into the latest crime trends, awareness, warnings and the exposure of criminals.


How to Join the WhatsApp Channel:

1. Make sure you have the latest version of WhatsApp on your device.

2. Click on the link below to join the Mike Bolhuis Daily Projects WhatsApp Channel:

3. Follow the prompts to join the channel.

4. Make sure you click on "Follow", then click on the "bell"-icon (🔔)

CONTACT MR MIKE BOLHUIS FOR SAFETY AND SECURITY MEASURES, PROTECTION, OR AN INVESTIGATION IF NEEDED.

ALL INFORMATION RECEIVED WILL BE TREATED IN THE STRICTEST CONFIDENTIALITY AND EVERY IDENTITY WILL BE PROTECTED.

Regards,

Mike Bolhuis

Specialist Investigators into

Serious Violent, Serious Economic Crimes & Serious Cybercrimes

PSIRA Reg. 1590364/421949

Mobile: +27 82 447 6116

Fax: 086 585 4924

Follow us on Facebook to view our projects -


EXTREMELY IMPORTANT: All potential clients need to be aware that owing to the nature of our work as specialist investigators there are people who have been caught on the wrong side of the law - who are trying to discredit me - Mike Bolhuis and my organisation Specialised Security Services - to get themselves off the hook. This retaliation happens on social media and creates doubt about our integrity and ability. Doubt created on social media platforms is both unwarranted and untrue. We strongly recommend that you make up your minds concerning me and our organisation only after considering all the factual information - to the exclusion of hearsay and assumptions. Furthermore, you are welcome to address your concerns directly with me should you still be unsatisfied with your conclusions. While the internet provides a lot of valuable information, it is also a platform that distributes a lot of false information. The distribution of false information, fake news, slander and hate speech constitutes a crime that can be prosecuted by law. Your own research discretion and discernment are imperative when choosing what and what not to believe.


STANDARD RULES APPLY: Upon appointment, we require a formal mandate with detailed instructions. Please take note that should you not make use of our services – you may not under any circumstance use my name or the name of my organisation as a means to achieve whatever end.


POPI ACT 4 of 2013 South Africa: Mike Bolhuis' "Specialised Security Services" falls under Section 6 of the act. Read more here: https://mikebh.link/fntdpv

SSS TASK TEAM:

Copyright © 2015- PRESENT | Mike Bolhuis Specialised Security Services | All rights reserved.


Our mailing address is:

Mike Bolhuis Specialised Security Services

PO Box 15075 Lynn East

Pretoria, Gauteng 0039

South Africa

Add us to your address book


THIS PUBLIC DOCUMENT WAS INTENDED TO BE SHARED, PLEASE DO SO.

CONTACT US

Pretoria, 75 Wapad, Leeuwfontein Estate, Roodeplaat, 0186, South Africa

​​

E-mail: mike@mikebolhuis.co.za
Mobile: 082 447  6116
International: +27 82 447 6116
Fax: 086 585 4924

  • Instagram
  • Facebook
  • YouTube
  • TikTok
chat with mike bolhuis on whatsapp

Thanks for submitting!

Copyright © mikebolhuis.co.za

MLB DIENSTE CC Reg: 1995/036819/23

PSIRA Reg: 1590364/421949

Rules of engagement

Web design by Mike Bolhuis Cybercrime Unit

bottom of page