Eskom reports major gains in containing Online Vending System breach amid ongoing investigation

Thursday, 18 September 2025: Eskom notes recent article regarding the Online Vending System (OVS) breach. This issue was first disclosed in the utility’s full-year 2024 financial results (December 2024), with a progress update provided on 2 July 2025 [Eskom continues to strengthen security systems and oversight of its Online Vending System], highlighting decisive actions taken to secure systems, protect revenue, and safeguard customers. Following the initial discovery, Eskom implemented a comprehensive review and intervention strategy to mitigate vulnerabilities and restore system integrity.

“Earlier this year, Eskom strengthened the protection of its systems against potential threats. All enhancements are managed through a robust Change Management process across all divisions, ensuring consistent oversight and control. These measures are part of our ongoing commitment to safeguarding operations,” said Eskom Chief Technology and Information Officer, Len De Villiers.

Fraud linked to the OVS has now been reduced to very low levels of activity. This improvement reflects a multi-layered approach strengthening physical security, cyber resilience, and operational controls. The rollout of smart meters has also enabled near real-time detection of suspicious activity, supporting more effective investigations.

Key actions implemented:

• Tighter physical access controls to secure vending environments.
• Enhanced cyber-security tools and monitoring to prevent unauthorised access.
• Stronger user-access controls with dashboards flagging irregularities weekly.
• Expanded investigative measures, conducted in collaboration with law enforcement, have been concluded for some of the implicated employees, with the internal process resulting in their dismissal. Certain elements are to be referred to authorities, and the company will cooperate fully.
• Deployment of detection tools to highlight risk areas and enable early intervention.
• Rollout of smart meters and reconciliation methods to validate fraud levels monthly.
• Acceleration of a new, secure vending platform to replace the current OVS.

“Reducing vending fraud to very low levels, demonstrates that our interventions are effective. We are protecting revenue, restoring trust, and ensuring our customers receive a secure and reliable service. This is whilst we continue to investigate the historical fraudulent acts to establish interventions that may be necessary,” said Eskom Group Chief Executive, Dan Marokane.

Eskom also clarifies that prepaid electricity tokens can only be used on meters registered within Eskom’s system. Municipalities operate independent vending systems, which are not integrated with Eskom’s platform. This means that tokens generated by Eskom cannot be applied to municipal meters, and vice versa. This separation prevents tokens from being universally applied, contrary to assumptions in the recent article.

While the investigation into the OVS breach continues with law enforcement, with vending fraud now reduced to very low levels, Eskom is proving that stronger systems, smarter technology, and decisive action are protecting revenue and ensuring secure, reliable electricity for all South Africans.

Eskom calls on customers and stakeholders to remain vigilant and report any suspicious prepaid electricity activity.

ENDS