PV Transact
PV Transact

Eskom updates on online vending system fraud – extent still unknown

Google+ Pinterest LinkedIn Tumblr +
  • Eskom notes recent article regarding the Online Vending System (OVS) breach.
  • This issue was first disclosed in the utility’s full-year 2024 financial results (December 2024), with a progress update provided on 2 July 2025, highlighting decisive actions taken to secure systems, protect revenue, and safeguard customers.
  • Following the initial discovery, Eskom implemented a comprehensive review and intervention strategy to mitigate vulnerabilities and restore system integrity.

A forensic investigation uncovered the bulk generation of illegal prepaid electricity tokens on Eskom’s online vending systems, for both Key Revision Number (KRN) 1 and KRN 2 prepaid meters. Indications are that this is only likely if there is collusion between Eskom staff and illicit operators who breached controls within the prepaid ecosystem to facilitate the creation and sale of fraudulent prepaid electricity tokens. Eskom has never disclosed the extent of the theft believed to have run into R billions lost over an extended period.Read more

“Earlier this year, Eskom strengthened the protection of its systems against potential threats. All enhancements are managed through a robust Change Management process across all divisions, ensuring consistent oversight and control. These measures are part of our ongoing commitment to safeguarding operations,” said Eskom Chief Technology and Information Officer, Len De Villiers.

Fraud linked to the OVS has now been reduced to very low levels of activity. This improvement reflects a multi-layered approach strengthening physical security, cyber resilience, and operational controls. The rollout of smart meters has also enabled near real-time detection of suspicious activity, supporting more effective investigations.

Key actions implemented:

  • Tighter physical access controls to secure vending environments.
  • Enhanced cyber-security tools and monitoring to prevent unauthorised access.
  • Stronger user-access controls with dashboards flagging irregularities weekly.
  • Expanded investigative measures, conducted in collaboration with law enforcement, have been concluded for some of the implicated employees, with the internal process resulting in their dismissal. Certain elements are to be referred to authorities, and the company will cooperate fully.
  • Deployment of detection tools to highlight risk areas and enable early intervention.
  • Rollout of smart meters and reconciliation methods to validate fraud levels monthly.
  • Acceleration of a new, secure vending platform to replace the current OVS.

“Reducing vending fraud to very low levels, demonstrates that our interventions are effective. We are protecting revenue, restoring trust, and ensuring our customers receive a secure and reliable service. This is whilst we continue to investigate the historical fraudulent acts to establish interventions that may be necessary,” said Eskom Group Chief Executive, Dan Marokane.

Eskom also clarifies that prepaid electricity tokens can only be used on meters registered within Eskom’s system. Municipalities operate independent vending systems, which are not integrated with Eskom’s platform. This means that tokens generated by Eskom cannot be applied to municipal meters, and vice versa. This separation prevents tokens from being universally applied, contrary to assumptions in the recent article.

While the investigation into the OVS breach continues with law enforcement, with vending fraud now reduced to very low levels, Eskom is proving that stronger systems, smarter technology, and decisive action are protecting revenue and ensuring secure, reliable electricity for all South Africans.

Author: Bryan Groenendaal

Share:
Share.

Leave A Reply

Copyright Green Building Africa 2026.