**Senegal Shuts National ID Office After Ransomware Attack**

In a shocking turn of events, Senegal has temporarily closed its national ID card office following a devastating ransomware cyberattack that disrupted critical services. The attack, which was confirmed by the government, targeted the Directorate of File Automation (DAF), the agency responsible for managing national ID cards, passports, and biometric data.

According to reports, the ransomware group known as "Green Blood Group" claimed responsibility for the breach, boasting that they had stolen a staggering 139 GB of sensitive data, including citizen records, biometric information, and immigration documents. To prove their claims, the hackers published a list of documents and backup files online.

The authorities have taken swift action to contain the incident, suspending operations at the ID office until further notice while officials assess the impact and work to restore services securely. In an effort to reassure citizens, the government has assured that the integrity of their data remains intact.

A peculiar twist in this story is the alleged involvement of Malaysia's IRIS Corporation, which was awarded the contract to produce Senegal's digital National Identification Cards (CNI). According to sources, once the breach was detected, Iris Corporation requested that DAF shut down all systems while they prepared to dispatch their technical team to Dakar.

This request has raised eyebrows and sparked questions about a possible link between the commercial dispute and the cyberattack. While no official confirmation has been made, authorities have yet to attribute responsibility or detail the scope of any data compromise.

**The Incident Unfolds**

On January 19th, hackers breached two DAF servers, stealing sensitive card personalization data from one server. IRIS Corporation swiftly responded by cutting network access to the compromised server, changing passwords on the other, and blocking foreign mission connections.

In an email dated January 20th, Quik Saw Choo, Senior General Manager at IRIS Corporation, informed Senegalese officials that Malaysian cybersecurity experts were assisting in the investigation. Choo stated that their team planned to travel to Dakar on January 22nd to investigate and fix the issue.

**A Growing Concern**

The cyberattack comes amid an ongoing standoff between the Senegalese state and IRIS Corporation, which has been awarded a lucrative contract to produce digital ID cards. The dispute centers around unpaid invoices, raising concerns about potential conflicts of interest and data security.

As the situation continues to unfold, authorities must navigate the complex web of commercial disputes and cybersecurity threats to ensure the integrity of Senegal's citizens' data and maintain public trust in the nation's digital ID system.

**Stay Informed**

Follow our coverage on Twitter: @securityaffairs and Facebook for the latest updates on this developing story.