Fraud teams from the police and the industry regulator are investigating the hacking of the database of Nyeri-based Biashara Sacco that led to the sending of messages asking members to withdraw their funds.
Sacco chairman Kamau Njamuku said the Sacco Societies Regulatory Authority (Sasra) and the police cyber crime unit are conducting a forensic audit to determine what happened.
“On August 11, 2019, at around 2.30am in the morning, our third party’s system provider for short message service systems was intruded and prompted to send to some of our members a malicious message,” said Mr Njamuku.
The message called for members to withdraw their funds as the sacco was due to close on August 31.
Speaking to the Business Daily yesterday, Mr Njamuku said the text message was sent to 2,000 members out of its more than 120,000 members, causing a panic.
“Closure of sacco cannot be decided by the board of directors. Such a move has to go through the commissioner of co-operatives, Sasra and the sacco members have to approve in the annual general meeting or a special general meeting,” he explained.
According to the co-operatives policies and regulations, such a major decision affecting a registered sacco is usually communicated by public notice.
Mr Njamuku blamed the message on a syndicate of cybercriminals, saying it has engaged private system auditors to investigate and report back the source of the “malicious” message.
Biashara Sacco, which was established in 2006 by about 200 business community members in Nyeri town, currently has a capital base of at least Sh1.5 billion. The sacco has branches in Nairobi, Nyeri, Laikipia, Kiambu and Embu counties.
Mr Njamuku said plans were underway to expand its branch network in other counties.
The government has previously urged saccos to be vigilant against cybercrime by investing more resources in the security of deposits and exercising prudent management.