The Zambia Medicines and Medical Supplies Agency (ZAMMSA) has confirmed that one of its key servers crashed in October 2024, causing disruptions to several services. The affected server contained critical data, including payroll records and Sage ERP, which are vital to the agency’s operations.
Preliminary investigations by ZAMMSA’s ICT department revealed signs of tampering with accounting data and server activity logs dating back to 2020. In response to the incident, the matter was escalated to the Zambia Information and Communication Technology Authority’s (ZICTA) Cyber Incident Response Team (CIRT).
Despite the disruption, the ZAMMSA ICT team successfully restored the payroll system in time to process October 2024 salaries. The server was in the midst of a migration process when the crash occurred, which allowed for most data to be recovered and minimized operational downtime.
ZAMMSA has assured the public that it is committed to securing its systems and is working closely with ZICTA and other authorities to fully understand the cause of the crash and prevent similar incidents in the future. The outcome of the ongoing investigation will determine any necessary actions to address the breach.