By Jimmy Zwane
17 October 2025 | 11:00 AM
Johannesburg — The University of the Witwatersrand (Wits) has confirmed that it was the target of a sophisticated cyberattack, as part of a larger breach affecting Oracle E-Business systems across several countries.
In a statement issued on Friday, Wits said the attack is being classified as a “zero-day” exploit — a high-level cyber threat that takes advantage of previously unknown vulnerabilities in software before developers have time to fix them.
“It means that the software developer has zero days to resolve the issue before the attack occurs,” the university explained. “Despite the breach, operations continue as normal.”
Rapid Response and Containment Measures
Wits’ Information and Communications Technology (ICT) team moved swiftly to respond to the breach, implementing all critical patch updates released by Oracle in the wake of the incident.
The university’s Chief Information Officer is leading a coordinated response involving internal ICT teams, Oracle representatives, and independent cybersecurity experts to determine the full extent of the intrusion.
“We have notified the Information Regulator of the incident and are doing everything possible to assess the potential risk to our university community,” the statement said.
As of Friday morning, the institution said there is no confirmed evidence of data theft or operational disruption, but a full forensic investigation is underway to identify any compromised systems or information.
Concerns Grow After Financial Scam Warning
The timing of the cyberattack has raised further concern, coming just hours after Wits issued a financial fraud alert warning students about an active scam targeting them via WhatsApp and SMS.
According to the university’s Student Finance Office, scammers are impersonating representatives of fictitious companies, claiming to help students settle their outstanding debts.
The fraudulent messages allege that students can resolve their debts by paying 30% of their balance upfront, after which the scammers promise to cover the remainder on their behalf.
“Please note that this is a scam. Do not share your personal information or make any payments to such individuals,” Wits cautioned.
Students have been urged to handle all financial matters only through official university channels, with the Student Fees Office designated as the sole point of contact for queries related to student accounts.
Broader Implications
The incident places Wits University among several global institutions affected by the Oracle E-Business breach, highlighting the growing threat of cybercrime in the higher education sector.
Cybersecurity analysts have warned that South African universities are increasingly becoming targets for digital attacks due to the sensitive data they hold and, in some cases, gaps in digital infrastructure.
Wits has committed to sharing further updates with the campus community as the investigation progresses and more details emerge.
Jimmy Zwane is a journalist covering higher education, digital threats, and governance issues in South Africa.
