By Johnathan Paoli
Eskom says it has drastically reduced fraud linked to its Online Vending System (OVS), but the financial and reputational cost of the breach is still being counted.
The embattled power utility first disclosed the breach in its 2024 financial results, where insiders quietly admitted that revenue losses had been “material” and confidence in prepaid systems had been shaken.
“Earlier this year, Eskom strengthened the protection of its systems against potential threats. All enhancements are managed through a robust Change Management process across all divisions, ensuring consistent oversight and control. These measures are part of our ongoing commitment to safeguarding operations,” Eskom’s Chief Technology and Information Officer, Len De Villiers said.
The breach allowed fraudulent electricity vending, with tokens being illicitly generated or manipulated.
Though Eskom has not yet put a rand figure to the losses, industry analysts say the scale could run into hundreds of millions, given the sheer size of the prepaid electricity market and the length of time the fraud went undetected.
Eskom confirmed that some employees were implicated, with dismissals already concluded and several cases now referred to law enforcement.
While Eskom’s July 2025 update emphasised “decisive action,” the latest developments underscore just how vulnerable the system was.
Customers were largely kept in the dark until whistle-blowers and financial reports exposed the extent of the breach, forcing the utility to act.
Since then, Eskom has rolled out a sweeping intervention plan including tightening physical access controls around vending sites; deploying advanced cyber-security monitoring; installing user-access dashboards to track irregularities weekly; expanding investigative partnerships with law enforcement; rolling out smart meters with near real-time fraud detection; and accelerating a completely new, secure vending platform.
According to Eskom Group Chief Executive Dan Marokane, these interventions have delivered.
“Reducing vending fraud to very low levels demonstrates that our interventions are effective. We are protecting revenue, restoring trust, and ensuring our customers receive a secure and reliable service. This is whilst we continue to investigate the historical fraudulent acts to establish interventions that may be necessary,” he said.
Smart meters have been crucial.
By reconciling usage and sales monthly, they enable Eskom to pick up anomalies that previously slipped through the cracks for months.
Yet questions remain over how long it will take to phase out legacy meters and what risks persist in the transition.
Eskom also moved to correct confusion about its vending system.
Tokens generated by Eskom’s OVS cannot be applied to municipal meters, and municipal tokens cannot be used in Eskom’s system.
While this separation limits fraud from spilling across networks, it also highlights the fragmented nature of South Africa’s electricity distribution, a longstanding vulnerability critics argue weakens oversight.
Despite its confident messaging, Eskom has not disclosed how many employees were involved in the fraud, how long it took place before discovery, or how much revenue was lost.
Nor has it explained why it took until December 2024’s results to publicly acknowledge the breach, even though suspicious activity was reportedly flagged months earlier.
INSIDE POLITICS