News

Home » News

Eskom confirms no new breaches of its online vending system (OVS)

Picture of Faizel Patel

By Faizel Patel

Senior Journalist

3 minute read

7 January 2026

08:47 am

RELATED ARTICLES

The issue was first fully disclosed in Eskom’s 2024 Annual Results published in December 2024.

Eskom confirms no new breaches to  of online vending system (OVS)

Picture: X/@RekordNewspaper

Eskom has confirmed that there were no new or emerging breaches of its Online Vending System (OVS), following decisive actions taken to curb OVS fraud, secure systems, protect revenue, and safeguard customers.

The issue was first fully disclosed in Eskom’s 2024 Annual Results published in December 2024.

Eskom at the time said it had taken decisive action to strengthen its systems and restore public confidence following the disclosure in its full-year 2024 financial results of a forensic report detailing the breach of its OVS.

Exploited

The power utility said the system was exploited to generate and distribute fraudulent prepaid electricity tokens, revealing critical vulnerabilities in both the physical and cybersecurity components of its prepaid electricity infrastructure.

ALSO READ: Eskom ends 2025 on high with plant performance on the rise

Assertions

Eskom spokesperson Daphne Mokwena said two comprehensive updates on the matter were already provided on 02 July 2025.

The utility said it undertook a comprehensive review and intervention strategy in July to mitigate these vulnerabilities and restore system integrity.

“Therefore, any assertions by recent media reports that Eskom did not respond to a question regarding the OVS are inaccurate.

“As the investigation into the OVS breach continues with law enforcement, and vending fraud is now reduced to very low levels, Eskom is proving that stronger systems, smarter technology, and decisive action are protecting revenue and ensuring secure, reliable electricity for all South Africans,” Eskom said.

Actions

In a progress update on 18 September 2025, Eskom said it had implemented key actions as part of a multi-layered approach to strengthen physical security, cyber resilience, and operational controls.

RELATED ARTICLES

This included:

  • Tighter physical access controls to secure vending environments,
  • Enhanced cybersecurity tools and monitoring to prevent unauthorised access, and
  • Stronger user-access controls with weekly dashboards flagging irregularities.

Eskom employees

Mokwena said expanded investigative measures, conducted in collaboration with law enforcement, have been concluded for some of the implicated employees.

“Certain elements have been referred to the authorities, and the company will cooperate fully.

Investigation

Eskom launched a forensic investigation in December last year into an electricity theft racket involving the use of illicit tokens for prepaid meters, which may have cost the company billions of rand in lost revenue.

It also probed the security of its IT systems, including the involvement of some of its employees.

ALSO READ: Eskom has 13 675MW – nearly three Medupis – in cold reserve

Read more on these topics

audit corruption Electricity Eskom theft

EDITOR'S CHOICE

Politics Meshoe says Trump’s Maduro abduction a moment for reflection on SA’s own drugs problem
News Driver’s licence card printing machine tender set aside by high court
News Four things you need to know about new NPA boss Advocate Andy Mothibi
News Unpaid guards at national key points spark security alarm
Courts Zuma, Mbeki apply for recusal of justice Khampepe from chairing TRC prosecutions

Download our app

App Store badge Google Play Store badge

Get the latest news and updates on Whatsapp