Naivas regrets to announce that alongside many corporates and organization’s in and outside Kenya, they have been the victims of a ransomware attack by an online criminal organization (Threat Actor), terming the action as unlawful intrusion may have compromised some of it’s data.
Naivas through a statement read that it has contained this attack, and the systems are secure and operations are normal.
On becoming aware of the attack, Naivas took immediate steps to prevent external access and engaged leading cybersecurity experts CrowdStrike to ensure system integrity.
Statement reads that the process is complete and systems are secure.
“We are cooperating with the relevant law enforcement agencies, as they investigate this and the many current ransomware attacks in Kenya.” Naivas statement reads.
Naivas has been made aware that the Threat actor has claimed to have stolen some of Naivas data and is alleging that this may be published in due course.
Statement however reads that; “We and law enforcement agencies are monitoring this closely. Naivas has also informed the Office of the Data Protection Commissioner Kenya of this incident.”
Naivas has cconfirmed that they do not hold any credit card/debit card information on there ystems, and that such payment information is handled securely and protected through Secure Sockets Layer (SSL) encryption.
Naivas has further denied any claims purporting to have stolen data saying its malicious allegations.
“At this moment, we are not aware of any malicious use of stolen data. However, it is recommended in the face of this type of situation to pay particular attention to any phishing attempts (by phone, SMS or email) as well as to the sufficient security of passwords.” Naivas statement reads.
Finally the statement states that all Naivas information is securely kept and stored.
“We at Naivas we take the protection of personal information very seriously. Please accept our deepest apologies for the worry and inconvenience that this criminal activity may cause.”
