Directorate of File Automation (DAF), Senegal
Analysis of the claimed Senegal government biometric database breach by Green Blood Group with 139TB of identity data.
Published by the Scrutex.ai Research Team | February 2026
Disclaimer
This advisory is provided for informational and educational purposes only by the Scrutex research team. It is based entirely on publicly available reporting from the sources cited below. Where details are unconfirmed or disputed by the affected organisation, this is noted explicitly. Scrutex does not independently verify internal claims made by affected organisations or threat actors. This advisory should not be interpreted as a confirmed statement of fact regarding any organisation's security posture. Organisations concerned about their own exposure should conduct independent assessments and seek professional legal advice.
At a Glance
Organisation
Directorate of File Automation (DAF), Senegal
Senegalese government agency responsible for maintaining the national biometric and identity database for citizen identification and civil registration.
Sector
Government
Region
Senegal
Date of Incident
Prior to February 2026 (exact date not disclosed)
Date Disclosed
February 2026
Estimated Impact
Unknown (139TB claimed)
Data Types Exposed
Biometric data, national identity records, civil registration data
Attack Type
Data Breach
Attack Vector
Not publicly confirmed
Threat Actor
Green Blood Group
Current Status
DAF acknowledged the incident and temporarily halted services. Investigation ongoing.
Severity Assessment
Critical if confirmed. 139TB of data from a national biometric and identity database would represent one of the most significant government data breaches in Africa. Biometric data cannot be changed or reissued.
What Happened
In February 2026, the Green Blood Group claimed to have breached the Senegalese Directorate of File Automation (DAF), claiming 139TB of data including biometric and identity records.
DAF acknowledged the incident and temporarily halted services. If confirmed, this represents a critical breach of a national biometric and identity database.
Timeline
February 2026
Green Blood Group claims breach of Senegalese DAF with 139TB of biometric and identity data
February 2026
DAF acknowledges incident and temporarily halts services
Threat Actor Profile
Green Blood Group is a threat actor that has targeted government institutions, though limited public information is available about their broader operations and affiliations.
Impact and Risk Assessment
For Affected Individuals
If confirmed, Senegalese citizens may have had their biometric data, national identity records, and civil registration data exposed.
Biometric data such as fingerprints and facial recognition data cannot be changed or reissued, creating permanent identity security compromise.
For Organisations
The Senegalese government faces the challenge of restoring trust in its national identity infrastructure.
International organisations operating in Senegal that rely on national ID verification may need to implement additional identity safeguards.
Regulatory Context
Senegal's Law No. 2008-12 on the Protection of Personal Data and the Commission de Protection des Donnees Personnelles (CDP) oversee data protection in the country.
International cooperation may be needed given the scale and sensitivity of the claimed breach.
What Should You Do?
If You Are a Potentially Affected Individual
Senegalese citizens should monitor for unusual activity involving their national identity documents and be alert to identity fraud.
If You Are a Security or Risk Professional
Government biometric databases require the highest levels of physical and logical security, including air-gapped backup systems and continuous monitoring.
Developing nations' digital identity systems face significant cybersecurity challenges that require international cooperation and investment.
Learnings and Recommendations
Government biometric databases represent national-level identity infrastructure. Their compromise has implications that extend far beyond typical data breaches and cannot be remediated by issuing new credentials.
Developing nations' digital identity systems face significant cybersecurity challenges that require international cooperation and investment.
Sources
This advisory is provided for informational purposes by the Scrutex.ai research team. It is based on publicly available reporting from the sources cited above. Where details are unconfirmed or disputed, we have noted this accordingly. Scrutex.ai does not independently verify internal claims made by affected organisations. Organisations concerned about their own exposure are encouraged to conduct their own assessments and seek professional advice where needed.
Stay ahead of the next breach
Scrutex monitors dark web sources, breach databases, and threat actor activity continuously, detecting exposure that affects your organisation before it becomes a headline.