Strive Masiyiwa backed e-commerce platform which was hacked 4 days ago is still down

Nigel Gambanga Avatar

No matter how virtual e-commerce is, it hinges on one basic principle: exchanging money for a product. It’s this same element that brings the aspect of security at the centre of the e-commerce discussion.

4 days ago, tengai.co.zw, a new Zimbabwean e-commerce platform which had been launched at the start of the week, became the subject of this same talk on e-commerce security. The platform, which is an online classifieds site, was hacked by a person/group identified as Anonymous Zimbabwe. 

Apparently, the hack was motivated by the grey area on net-neutrality which Tengai had landed on with its working relationship with mobile operator Econet Wireless. This relationship has allowed Tengai to offer zero-rated access to its platform to all Econet subscribers. Econet’s founder, Strive Masiyiwa, has a stake in Tengai.

While the security of e-commerce has nothing to do with the net neutrality issue, it has become something Tengai also has to deal with because of the attack to its platform.

So why is Tengai still down? Why is it taking so long to respond to this attack?

We haven’t heard back from Tengai on what sort of progress is being made on getting the platform back online, but the silence is likely meant to be a sign that the platform is being fortified from further attacks. How this is being done will only be clear when the site is back.

It’s also not clear is what the hacker(s) exploited. While it’s been pointed out by some people that Tengai was built using an over the shelf solution from ocPortal (we actually thought that it was from Osclass) which could have made it more susceptible to threats, there is the likelihood that Tengai is migrating from one over the shelf solution to another.

The other suspicion for most people was how the Tengai hack was a DDoS attack. This was reinforced by the name Anonymous Zimbabwe, which might (or might not) be linked to Anonymous Africa, a hackers’ outfit that uses DDoS attacks extensively. 

If this is the case, then Tengai is probably faced with decisions of finding a more reliable hosting service with a better handle on infrastructure management or exploring the option of amping up its server security.

In any case, the resolution of the Tengai  hack is taking longer than most of us expected. The consolation is that this might just mean that it won’t happen again.

3 comments

  1. John. t

    Boring story. Just let us know when it’s back up and running. Constant updates of no additional news are getting tiresome. I wanna try their service.

  2. How good was it

    Maybe they going to be adding more functionality as well, the site just seemed like a general classifieds site like many others here in Zimbabwe that have sprung up over the years. Did I miss something cool and ecommerce or was its only differentiating factor that it was free to econet subscribers cos other sites have free sms and posting for years.

  3. collen

    good measure by tengai, you first look on how you where hacked and then patch up you system rather than restoring a back up and get hacked again

2023 © Techzim All rights reserved. Hosted By Cloud Unboxed