The South African Social Security Agency (Sassa) grants for December are to be paid out next week.
The agency distributes permanent social grants to over 27 million people in the country every month.
Sassa provided some early festive cheer for beneficiaries of the Social Relief of Distress (SRD) grant by processing payments before the festive public holidays. Payments of the R370 grant are generally made at the end of every month from the 25th.
Sassa grant payment dates for December 2024
ALSO READ: December Sassa SRD grant: Early Christmas present for beneficiaries
Sassa grant amounts:
Number of Sassa recipients (by August 2024):
Investigations by the Department of Social Development unveiled alarming security vulnerabilities following the digital issues about the SRD system raised by two Stellenbosch students.
Investigative firm Masegare & Associates Incorporated revealed its findings in Parliament on Wednesday. These included critical security gaps that could expose sensitive data to potential cyber-attacks.
It was found that the Sassa online system currently does not have encryption for sensitive data such as IDs, permits, or banking details.
Several serious flaws were discovered during a subsequent system evaluation, including insufficient data encryption, incorrect server setups, poor authentication procedures, and missing security headers.
ALSO READ: Someone claiming a Sassa grant in your name? Here’s what to do
In addition, system flaws were discovered in the areas of exposed system directories, numerous apps per mobile number, and login security, where the “login page is vulnerable to automated attacks where hackers can repeatedly guess passwords to access sensitive accounts.”
“The medium threat level classification indicates that while the system is not at high risk, there are still important vulnerabilities that need to be addressed to ensure its security,” explained Masegare & Associates’ Stanley Matshote.
Matshote stated that these vulnerabilities, even though they were categorised as medium risk, presented a considerable danger of unauthorised access to information, system interruptions, and non-compliance with data protection regulations.
The investigation found that several security issues include system setups that permit unauthorised access and login pages that are susceptible to automated assaults.
Additionally, weak content security policies, exposed system directories, and unprotected backup files were some of the loopholes.
Additional reporting by Enkosi Selane and Cornelia Le Roux.
NOW READ: CYBER ATTACKS: Sassa SRD grant beneficiaries IDs, permits and banking details may not be safe
Download our app and read this and other great stories on the move. Available for Android and iOS.