Uganda’s Ministry of Finance has confirmed a cyberattack on the country’s central bank systems.
The incident, which occurred two weeks ago, is currently under investigation by the Auditor General and the Criminal Investigations Department (CID).
Speaking to lawmakers on Thursday, Minister of State for Finance, Henry Musasizi, acknowledged the breach but downplayed the reported losses.
“It is true that our account was hacked, but not to the extent of what is being reported,” Musasizi said.
He assured Parliament that a full report would be presented in a month, urging patience to avoid the spread of misinformation.
Both the Bank of Uganda and police officials have refrained from commenting until investigations are concluded.
Local media reports have presented differing accounts of the amount stolen. The New Vision newspaper reported that a hacking group known as “Waste,” allegedly based in Southeast Asia, siphoned off 62 billion Ugandan shillings (approximately $17 million).
The Daily Monitor newspaper placed the stolen amount at 47.8 billion shillings (about $13 million), stating that the funds were transferred to accounts in Japan and the UK.
According to the Monitor, UK authorities have frozen $7 million of the stolen funds, though a portion had already been withdrawn. The syndicate is also reported to have successfully moved $6 million to Japan.
The breach has raised significant concerns among lawmakers. Opposition MP Joel Ssenyonyi expressed alarm over the attack on the central bank and called for more clarity.
“It alarmed me because this is our central bank. I thought the government should help us understand; it is important that we know what exactly is happening,” Ssenyonyi told Parliament
