A staggering $16.2 million from the Financial institution of Uganda (BoU) was wired into suspect accounts in Japan, audit exhibits.
Uganda’s Auditor-Normal fingers systemic flaws and attainable legal intent within the November 2024 cyber heist.
Parliament has now forwarded the file for additional investigantion by Uganda’s Directorate of Felony Investigations (CID).
In a high-stakes digital heist, hackers infiltrated Uganda’s treasury techniques, siphoning off a staggering $16.2 million (roughly USh60 billion) from the Financial institution of Uganda (BoU). The theft, first reported in November 2024, despatched shockwaves throughout the nation, prompting a forensic audit by the Auditor-Normal.
The findings of this audit have since ignited intense investigations by the Directorate of Felony Investigations (CID), laying naked the vulnerability of Uganda’s monetary techniques.
Auditor-Normal report on $16.2 million cyber theft
The explosive revelations landed in Parliament on January 9, 2025, the place Authorities Chief Whip Denis Hamison Obua offered the Auditor-Normal’s report. The report painted a grim image of systemic flaws and alleged legal intent within the administration of public funds.
Speaker of Parliament Anita Amongst, after consulting with President Yoweri Museveni, directed the report back to the CID for a deeper investigation.
“Trying on the elements of the report, they’re legal in nature. Due to their criminality, we are going to direct this report back to the CID for additional administration,” mentioned Amongst, underscoring the gravity of the state of affairs.
Nonetheless, not all lawmakers agreed with this strategy. Ndorwa County East MP Wilfred Niwagaba and Tororo North County MP Geofrey Ekanya urged that parliamentary committees scrutinize the report earlier than it was handed over to the CID. Their appeals, nevertheless, had been overruled by the Speaker, who cited want for urgency within the looming legal investigation.
How the cyber heist unfolded
The seeds of this disaster had been sown in November 2024 when media shops broke the story of hackers breaching BoU’s treasury system. These cybercriminals managed to orchestrate fraudulent transactions, with two debt servicing funds allegedly funneled to incorrect beneficiaries in far off Japan.
BoU Deputy Governor Michael Atingi-Ego later disclosed to the Committee on Commissions, Statutory Authorities, and State Enterprises (COSASE) that these faulty funds had been the results of a defective directive from the Ministry of Finance, Planning, and Financial Growth.
He additionally revealed that $8.2 million of the stolen funds had been recovered, providing a glimmer of hope in an in any other case hopeless state of affairs.
Authorities downplays the harm
In a bid to include the fallout, State Minister for Finance Henry Musasizi addressed Parliament, admitting that the central financial institution accounts had certainly been hacked. Nonetheless, he contested the reported determine, claiming the quantity stolen was lower than $16.2 million.
Regardless of these assurances, public confidence within the authorities’s means to safeguard nationwide sources has taken a major hit.
The theft has triggered widespread requires accountability, with critics questioning the integrity of Uganda’s monetary techniques and the effectiveness of its cybersecurity measures. Opposition Chief Joel Ssenyonyi, whose preliminary issues prompted the forensic audit, has referred to as for larger transparency and stricter oversight of the central financial institution.
“This can be a wake-up name for all of us,” Ssenyonyi acknowledged. “We can not afford to have such obtrusive vulnerabilities in our monetary techniques. The federal government should make sure that these liable for this debacle are held accountable.”
Uganda’s cybersecurity measures within the highlight
The BoU heist has highlighted the rising risk of cybercrime in an more and more digital world. Consultants warn that Uganda, like many creating international locations, faces vital challenges in combating subtle cyberattacks. The incident serves as a stark reminder of the necessity for strong cybersecurity infrastructure and proactive threat administration methods.
Because the CID takes over the investigations, the general public expects not simply the culprits behind the heist but additionally an inside view concerning the systemic lapses that made such a brazen act attainable. Lawmakers and residents alike are demanding justice and reforms to forestall related incidents sooner or later.
For the BoU, the heist is a wake-up name to reassess its inside controls and cybersecurity measures. The central financial institution’s means to recuperate a part of the stolen funds is commendable, however it’s clear that extra must be performed to revive public belief.
The theft of $16 million from Uganda’s treasury is greater than only a monetary scandal; Uganda should fortify its defenses in opposition to the ever-evolving risk of cybercrime.
Learn additionally: Uganda and Tanzania erupt in protests over $10Bn oil pipeline deal