A major cybersecurity incident has temporarily disrupted operations at AVBOB, a leading South African funeral and insurance provider, as the organization works to recover compromised digital systems.
The breach, which targeted the company’s IT infrastructure, has affected online platforms and necessitated a shift to manual procedures at over 300 branches across the country. Clients seeking to process claims, access accounts, or submit premium payments have encountered service delays.
In a statement, an AVBOB spokesperson confirmed that the Information Regulator has been formally notified and that a thorough data audit is underway. “We cannot confirm if this incident is a ransomware attack or a data breach as investigations are underway to establish the exact nature of the incident and how many customers have been potentially affected,” the spokesperson said. “We are currently still performing an audit on the data and to establish the full extent of the impact on our customers. We would rather not speculate before this process has been completed.”
While AVBOB has not validated external reports, some staff members have circulated unconfirmed claims suggesting a ransomware element, including allegations that individuals posing as journalists have made financial demands. The company stresses that all such reports remain subject to ongoing forensic review.
The incident aligns with broader trends identified by cybersecurity professionals, who note a sharp rise in both the frequency and complexity of attacks aimed at corporate and public-sector digital assets. “We have to understand that the hackers, the bad guys, their core business is to try to get into our enterprises, our companies, and our public sector, state-owned entities,” explained one cybersecurity specialist. “That’s their core business, which means 24 hours a day, all they’re trying to do is get lucky once. So they’re all ahead in terms of how they utilize the information, how they use the data tool sets, and they are far ahead of us who are still coming up with ways to structure the business and structure the tool sets so that other people within our businesses can derive value.”
The role of artificial intelligence in amplifying cyber threats was also highlighted. “AI being used by the bad guys is just trying to do the exact same thing the bad guys were doing before,” noted a security expert. “It’s trying to get into your business, hold you up for ransom, extract your key data, and stop your operations. They’re just doing it faster and with better tools. So, let’s set up those different defense lines so that we can try to contain it as quickly and as rapidly as possible.”
AVBOB has assured the public that all physical branches continue to operate and that no policyholder will face penalties for delays attributable to the system outage. However, the company has not yet announced a projected timeline for the complete restoration of digital services.
“We sincerely apologize for the inconvenience caused and thank our clients and partners for their patience and understanding,” the AVBOB spokesperson added.
As the investigation progresses, the event has intensified scrutiny on cybersecurity preparedness across South Africa’s private and public sectors, reinforcing calls for stronger digital resilience strategies.