Home > Security > Security News

Senegal Confirms National ID Agency Breach After Ransomware Attack, Threat Actors Claim Stealing 139 GB of Data

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Ransomware
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google
Key Takeaways
  • System Disruption: A cybersecurity incident forced the temporary suspension of operations at Senegal's Directorate of File Automation (DAF), the agency managing national ID cards and passports.
  • Ransomware Claim: A group known as Green Blood Group has claimed responsibility, alleging the theft of 139 GB of data, including citizen database records and biometric information.
  • Third-Party Confirmation: The breach appears to have been confirmed via an email from IRIS Corporation Berhad, which detailed the initial server compromise on January 19.

The government of Senegal has confirmed a significant cybersecurity incident affecting its Directorate of File Automation (DAF), the office responsible for managing national ID cards, passports, and other sensitive biometric data. The attack forced the agency to suspend its operations, disrupting services for the country's 19.5 million residents. 

Yet, a senior police official stated that the "integrity" of citizen data remains intact as they work to restore systems.

Green Blood Group Ransomware Claims

The public disclosure follows claims of a major data breach by a ransomware actor, identifying itself as the Green Blood Group, which emerged recently and targets Senegal, India, and Colombia. The group alleges it exfiltrated 139 GB of data from DAF's servers, including:

DAF announcement | Source: DAF on X
DAF announcement | Source: DAF on X
Hackers claimed the DAF breach | Source: Gambiaj
Hackers claimed the DAF breach | Source: Gambiaj

As proof, the hackers shared data samples and an email from a senior manager at IRIS Corporation Berhad, a Malaysian technology firm contracted for Senegal's digital ID cards. The email, dated January 20, alerted Senegalese officials that two DAF servers had been breached a day earlier, with card personalization data stolen from one. 

The DAF website remained offline as of February 9, 2026.

Implications for Biometric Data Security

This breach underscores the critical vulnerabilities surrounding biometric data security, particularly within national identity systems. The targeting of government ID databases is a growing trend, with similar incidents reported in countries like Argentina and Estonia. 

The compromise of such sensitive information poses substantial risks, from mass identity theft to threats against national security. 

The incident in Senegal serves as a stark reminder for governments globally to reinforce their defenses and audit the security postures of third-party technology partners involved in critical infrastructure projects.

Add a Comment
Related
vulnerability
Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission
stalker
Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records
Cyber Job Moves: Global Security Leaders Shift Roles Across Tech, Government, and Healthcare
Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale
UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom
Exploiting the Single Edge of the Sword That Is AI 
Most Popular
vulnerability
Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission
stalker
Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records
Cyber Job Moves: Global Security Leaders Shift Roles Across Tech, Government, and Healthcare
Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale
UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom
Exploiting the Single Edge of the Sword That Is AI 
Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission
Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records
Cyber Job Moves: Global Security Leaders Shift Roles Across Tech, Government, and Healthcare
Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale
UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom
Exploiting the Single Edge of the Sword That Is AI 

Most Popular
vulnerability
Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission
stalker
Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records
Cyber Job Moves: Global Security Leaders Shift Roles Across Tech, Government, and Healthcare
Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale
UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom
Exploiting the Single Edge of the Sword That Is AI 
Ivanti Zero-Day Vulnerabilities Exploited in Global Cyberattacks, Dutch Government Breached, Possibly European Commission
Stalkerware Data Breach: Hacktivist Leaks Over 530,000 Customer Records
Cyber Job Moves: Global Security Leaders Shift Roles Across Tech, Government, and Healthcare
Possible EgyptAir Cyberattack: 104,000 Records and Sensitive Documents Allegedly For Sale
UNC3886 Cyber Espionage Group Linked to Singapore Telecom Infrastructure Cyberattacks: Singtel, StarHub, M1, Simba Telecom
Exploiting the Single Edge of the Sword That Is AI 

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2026 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: