Ugandan police have arrested nine officials from the Ministry of Finance after a cyberattack on the Bank of Uganda led to the loss of about 62 billion Ugandan shillings ($16.87 million).
The arrested officials include top staff from the Treasury Department.
The cyberattack, which was first reported in November 2024, involved hackers breaching the central bank’s systems.
 The group behind the attack, known as “Waste,” carried out fraudulent transactions, raising questions about the security of Uganda’s banking system.
The arrests have shaken public trust in the country’s financial institutions, as the involvement of key government officials suggests possible internal fraud or weak security measures.
Despite the Bank of Uganda’s rule introduced in April 2024, requiring ID verification for transactions over 1 million shillings, the breach shows that security gaps remain.
Uganda’s situation mirrors a growing problem of financial fraud across Africa.
 In South Africa, cases of fraud in vehicle financing and mortgages have doubled, while in March 2024, Ethiopia’s largest bank lost $40 million due to a system failure.
To improve security, experts suggest stronger banking systems, better monitoring of financial transactions, regular audits, and partnerships with global cybersecurity firms to help prevent future attacks.
