TechTarget and Informa Tech’s Digital Business Combine. Dark Reading Resource Library Black Hat News Omdia Cybersecurity Advertise NEWSLETTER SIGN-UP Cybersecurity Topics World The Edge DR Technology Events Resources CYBERATTACKS & DATA BREACHES CYBER RISK DATA PRIVACY CYBERSECURITY OPERATIONS NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Senegalese Data Breaches Expose Lack of 'Security Maturity' Green Blood Group steals personal records and biometric data of the West African nation's nearly 20 million residents. Nate Nelson, Contributing Writer February 12, 2026 5 Min Read SOURCE: CHRISTOPHE COAT VIA ALAMY STOCK PHOTO The vast majority of Senegal's adult population seems to have just lost its biometric data to hackers. On Jan. 19, a new ransomware outfit calling itself "The Green Blood Group" breached two servers at the West African nation's Directorate of File Automation (DAF), the government agency that handles passports, national ID cards, and biometric data for the country's nearly 20 million residents. It then announced its breach on the Dark Web, indicating it had exfiltrated biometric data, immigration records, and more. The risk that will follow for regular Senegalese people and businesses is significant. But Aboubacar Yacouba Mai Birni, chief operations officer (COO) at the Africa Cybersecurity Resource Center (ACRC), argues, "Rather than framing this as a failure unique to Senegal, I would say this [incident] reflects a broader African challenge: digital ambition has outpaced cybersecurity maturity." Related:Protests Don't Impede Iranian Spying on Expats, Syrians, Israelis LOADING... Right after the biometric data leaked online, this week, another Senegal government-adjacent organization fell victim to a cyberattack, according to the Dakar daily L'Observateur, as reported by other local news sites. The company, Sénégal Numérique SA, plays a key role in managing the state's digital infrastructure and modernization efforts. Local reports speculated that the timing of the two incidents might indicate a potentially wider-scale offensive. Dark Reading reached out to Sénégal Numérique SA to confirm what happened. New Cyber Gang Attacks Senegal Senegal's government first proposed a national biometric ID system in early 2015. In late 2016, it gave the job of actually implementing it to a Malaysian company, called IRIS Corporation Berhad. In the couple of years that followed, more than 7 million Senegalese citizens obtained brand new biometric IDs, according to IRIS. By 2026, the number is surely far greater. Enter The Green Blood Group, which, though brand new, has already compromised organizations in Colombia and India, in addition to Senegal. Researchers at Foresiet described it as a "technically competent" gang with a "mature ransomware design," with its own Golang-based locker and a double-extortion business model. Mid-January, The Green Blood Group attacked Senegal's national ID system, exfiltrated all that sensitive biometric data belonging to its citizenry, and began holding it ransom. According to The Gambia Journal, the attack disrupted operations at the DAF for at least five days. That disruption might have been self-imposed. In an email the day after the attack, IRIS employee Quik Saw Choo informed employees at Senegal's Ministry of Interior and Public Security — the agency of which DAF is a part — that an attack had occurred, noting that two servers were compromised. First, the organization's domain controller, from which the attackers might have been able to pursue lateral movement in the organization's network. Second, a "Perso" server, likely referring to the database where citizens' personal information is stored. Choo cited a few measures IRIS took to cut off the hackers, which might help explain the reported disruption. Clearly those mitigations didn't work well, as the Green Bloods maintained access at least long enough to obtain and later leak that internal email. Related:Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations What Happened to Everyone's Biometric Data On Feb. 4, analysts spotted the Green Bloods leak site, where it claimed to have stolen 139TB of data. That figure may have been a typo. In its ransom note to the DAF, the group referred to 139GB. French-Senegalese cybersecurity influencer Clement Domingo looked into the data, and confirmed the worst: that the attackers stole real birth records, national ID cards, and more ultra-sensitive material. On Feb. 5 — only after the Dark Web leak site went up, more than two weeks after first being alerted to the breach — the DAF publicly acknowledged what happened. To underscore the embarrassment, the official email address cited at the bottom of the open letter was a generic Yahoo address. Related:Chinese APTs Hacking Asian Orgs With High-End Malware In its letter, the DAF announced a temporary suspension of new national ID card production. It also reassured the Senegalese public that the "integrity" of their personal data remained intact — a claim that Domingo called into question. DAF did not address the most pressing issue at hand: the confidentiality of that data. Beyond all the serious, permanent risks of fraud most of Senegal's population will now be subject to, for Yacouba Mai Birni, "the most critical risk is systemic mistrust. If citizens lose confidence in the state's ability to protect their digital identity, they may resist future digital initiatives, which would undermine financial inclusion, e-government, and economic digitalization efforts across the country." Africa's Growing Pains with Biometric ID Systems From Yacouba Mai Birni's point of view, "Africa does not suffer from a lack of digital ambition. It suffers from a lack of cybersecurity maturity aligned with that ambition." Senegal's government may have had good intentions in creating a national ID system, and the system was used for perfectly acceptable state objectives. However, "From what we observe across the continent, governments often invest heavily in data collection technologies, but far less in security-by-design, long-term data governance, independent oversight, and continuous cyber-risk management. This creates a structural imbalance: the state accumulates highly sensitive data faster than it builds the institutional and technical capacity required to protect it," Yacouba Mai Birni says. Though there's no perfect model on the African continent today, some countries are more diligently marrying their biometric systems with thoughtful security controls. As just a few examples, he cites how "Mauritius has invested early in data protection authorities with real enforcement capacity. Ghana has coupled its national biometric ID system with clearer legal accountability and more consistent cybersecurity investments. And Morocco has focused on state-level cyber defense coordination for critical digital infrastructure." The only potential silver lining to Senegal's nightmare cyberattack is if, in the end, it serves as a wake-up call to other governments. "Handled correctly, this moment could mark a turning point toward more resilient and trustworthy digital states," Yacouba Mai Birni says. "Handled poorly, it risks reinforcing digital fear and dependency." Read more about: DR Global Middle East & Africa About the Author Nate Nelson, Contributing Writer Nate Nelson is a journalist and scriptwriter. He writes for "Darknet Diaries" — the most popular podcast in cybersecurity — and co-created the former Top 20 tech podcast "Malicious Life." Before joining Dark Reading, he was a reporter at Threatpost. More Insights Industry Reports ThreatLabz 2025 Ransomware Report The Total Economic Impact™ Of Zscaler Private Access (ZPA) Zscaler ThreatLabz 2025 VPN Risk Report GigaOm Radar for CNAPP The Total Economic Impact™ of Google SecOps Access More Research Webinars Ransomware and the Supply Chain: A Fireside Chat with the CISOs Who Literally Wrote the Book on Third-Party Risk The Hidden AI Attack Surface: How GenAI Tools Expand Data Exposure Risk Beyond the Model: The Expanded Attack Surface of AI Agents AI-Powered Threat Hunting: Staying Ahead of Evolving Attack Patterns AI-Powered Cloud Security Posture Management More Webinars You May Also Like CYBERATTACKS & DATA BREACHES Ghost Ransomware Targets Orgs in 70+ Countries by Elizabeth Montalbano, Contributing Writer FEB 20, 2025 CYBERATTACKS & DATA BREACHES Critical Fortinet Vuln Draws Fresh Attention by Jai Vijayan, Contributing Writer MAR 19, 2025 CYBERATTACKS & DATA BREACHES Cyberattackers Target LastPass, Top Password Managers by Nate Nelson, Contributing Writer OCT 16, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Editor's Choice THREAT INTELLIGENCE EnCase Driver Weaponized as EDR Killers Persist byRob Wright FEB 5, 2026 4 MIN READ CYBERSECURITY OPERATIONS Extra Extra! Announcing DR Global Latin America byTara Seals FEB 4, 2026 2 MIN READ CYBER RISK TransUnion's Real Networks Deal Focuses on Robocall Blocking byJeffrey Schwartz FEB 9, 2026 2 MIN READ Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars Ransomware and the Supply Chain: A Fireside Chat with the CISOs Who Literally Wrote the Book on Third-Party Risk THURS, FEB 19, 2026 AT1PM EST The Hidden AI Attack Surface: How GenAI Tools Expand Data Exposure Risk ON-DEMAND WEBINAR Beyond the Model: The Expanded Attack Surface of AI Agents THURS, FEB 26, 2026 AT 1PM EST AI-Powered Threat Hunting: Staying Ahead of Evolving Attack Patterns THURS, FEB 12, 2026 AT 11AM ET AI-Powered Cloud Security Posture Management WED, FEB 18,2026 AT 1:00PM EST More Webinars White Papers The Threat Prevention Buyer's Guide FInd the best AI-d