On 3 June 2025, the Bellville Specialised Commercial Crimes Court delivered one of South Africa’s first cybercrime convictions under the Cybercrimes Act 19 of 2020, sentencing Mr Lucky Majangandile Erasmus to eight years in prison, with three years suspended for five years.

Mr Erasmus was a former employee of Ecentric Payment Systems, a leading South African payment service provider. 

This case is amongst the first publicly reported convictions under the Cybercrimes Act, which was enacted in 2021 to address the growing threat of cybercrime in South Africa. The Act criminalises a wide range of cyber and computer-related offences and provides a legal framework for prosecuting cybercriminals.

Clyde & Co is proud to have advised Ecentric, alongside digital forensic firm Cyanre, and supported the criminal investigation which culminated in the successful prosecution and conviction of these cybercrimes.

Background to the Case

Erasmus was arrested in December 2023 following a targeted cyberattack on Ecentric. In tandem with a co-accused who was a current employee, Felix Unathi Pupu, Erasmus installed unauthorised remote access software on Ecentric’s systems, enabling unlawful access to and theft of sensitive data and illegal changes of access credentials for senior management.

Following the compromise, an anonymous individual contacted Ecentric’s CEO, threatening to publish the company’s data and contact its customers unless a ransom was paid. This was followed by social media posts attempting to expose a data breach. Cyber extortion demands were made, but were ultimately not paid. Four of Ecentric’s retail clients suffered fraud losses as a result of the illegal activity. 

Offences and Convictions

Erasmus entered into a plea agreement with the State and was convicted on 17 charges relating to offences recognised under the Cybercrimes Act, including:

  • Theft of data
  • Attempted cyber extortion
  • Cyber fraud
  • Unlawful access to computer systems
  • Use of unauthorised software or hardware tools
  • Interference with networks, data, and storage media
  • Unauthorised password resetting

The co-accused, Mr Pupu, remains in custody and is scheduled to appear for plea and sentencing on 30 June 2025.  

Clyde & Co's role

We supported Ecentric from the inception of the incident right through to sentencing, including:

  • advising on extortion threat response and strategy
  • issuing takedown notifications
  • engaging with customers and key stakeholders
  • notifying affected data subjects, the Information Regulator and law enforcement authorities
  • drafting witness statements and affidavits
  • guiding internal investigation to identify suspects
  • advising on the preservation of evidence
  • supporting the criminal investigation, arrest and prosecution of the suspects.

Key Takeaways

  • Imprisonment is a real and enforceable consequence under the Cybercrimes Act. This conviction sends a strong message that cyber offences are not abstract or victimless crimes.
  • Successful prosecutions rely heavily on digital forensic evidence. Legal teams must be involved early to ensure evidence is collected lawfully and admissibly. Preserving logs, access records, and system data immediately after a breach to support legal proceedings is vital.
  • Prosecuting cybercrime requires effective collaboration between legal and digital forensic experts, investigators, and prosecutors trained in cyber offences. 

A special word of thanks to the Directorate for Priority Crime Investigation (HAWKS) - Western Cape, the SAPS and the NPA for their efforts in investigating and prosecuting this matter. 

The SAPS announcement can be viewed here: https://www.saps.gov.za/newsroom/msspeechdetail.php?nid=61361