Foschini Group scam reveals vulnerability of corporate cyber resilience in South Africa
South Africa's corporate sector faces a wake-up call following the Foschini Group's costly WhatsApp scam, which highlights the urgent need for heightened cyber resilience amid rising digital threats. This article examines the implications for businesses as the nation moves towards greater digitisation.
Image: File/ Leon Nicholas
The recent recovery of R11 million by the Foschini Group following a staggering R22 million WhatsApp scam has sent shockwaves through the South African corporate landscape, shedding light on a glaring weakness in cyber resilience among even the most established businesses.
This chilling incident not only underscores the significant threats posed by identity hijacking but also serves as a cautionary tale as the nation increasingly moves towards digitisation.
According to Martin Potgieter, Regional CTO at Integrity360, the implications of this incident are profound.
In his analysis of the upcoming 2026 State of the Nation Address (SONA), Potgieter highlights the urgency for organizations to not only grapple with the reality of cyber threats but to enhance their defences in the face of growing digital risks.
“As the state progresses in digitising vital services—ranging from Matric certificates to Digital IDs—the onus is on the private sector to respond with a mature approach to risk,” he remarked.
The President’s optimistic report on the rising confidence among investors and consumers, as presented in Sona, introduces a contrasting reality about the importance of securing digital assets that underpin this trust. Potgieter asserts, “Building economic trust necessitates an equivalent focus on the cyber infrastructure that sustains it.” This realisation calls for a paradigm shift in the boardrooms, moving the conversation from 'Are we secure?' to 'How resilient are we when an incident occurs?'
As the state intensifies its focus on establishing a National Illicit Economy Disruption Programme and introduces stringent Public Procurement Act regulations, the interplay between regulation and technology becomes ever more critical.
Potgieter articulates this necessity, stating that the call for ethical governance and accountability is equally applicable to the private sector. “Cybersecurity isn't merely a line item in the IT budget,” he warns.
“The cost of failure results in the erosion of trust, a fundamental element the President claims is being restored in our markets.”
Crossing into a new era of accountability and scrutiny, Potgieter believes that this evolving regulatory environment demands a strategic understanding of the Return on Investment (ROI) related to security.
He said, “Integrity360 views the SONA priorities as a robust call to action for businesses to align their internal governance with the national standards envisioned by the President. By fostering a culture of transparency and ensuring the security of our digital assets, we contribute positively to the broader national compact for growth and progress.”
As the digital landscape expands, the key takeaway from this incident is that comprehensive cybersecurity strategies are not just protective measures—they are enablers of business resilience and public confidence. The Foschini Group's experience serves as a pivotal lesson for businesses across South Africa: Prepare now, or risk falling prey to the vulnerabilities of the digital age.
Follow Business Report on Facebook, X and on LinkedIn for the latest Business and tech news.