Unknown assailants broke into the headquarters of the Bank of Uganda (BoU) in a sophisticated overnight operation that has raised serious concerns about internal security, surveillance vulnerabilities, and possible insider collusion.
According to a public notice issued by the central bank on Monday, May 4, 2026, the incident involved “unlawful entry” at its Head Office premises at Plot 45 on Kampala Road—specifically the shorter tower near City Square, between Church House and the East African Development Bank Tower on Shimoni Road.
The bank confirmed that the break-in occurred overnight, during which seven laptop computers were stolen.
Additional security details emerging from local and investigative sources paint a more alarming picture of the breach. The intruders are believed to have spent nearly three hours inside the premises, during which they:
- Disabled internet connectivity
- Removed a CCTV server
- Took a network router
- Accessed internal office spaces without forced entry
The method of entry—reportedly involving duplicated keys—has intensified suspicion of insider involvement, potentially implicating staff or contracted security personnel.
The precision and duration of the operation suggest prior knowledge of the building’s layout, surveillance systems, and response gaps.
The BoU stated that the matter is currently under investigation, with the institution working closely with relevant security agencies to establish the full circumstances and take appropriate action.
Security sources indicate that a joint operation involving the Uganda Police Force and military intelligence is already underway. Arrests have reportedly been made in parts of downtown Kampala, particularly in arcade centers often linked to electronics trade and repair networks.
Investigators are focusing on:
- The extent of any internal collaboration
- Whether sensitive financial or institutional data was compromised
- The intended use or destination of the stolen devices
BOU SPEAKS OUT
In its official communication, the Bank of Uganda reassured the public that its core operations and services remain fully functional and have not been disrupted by the incident.
“The BoU assures the public that its core operations and services remain fully functional and have not been disrupted by this incident,” the statement read, adding that further updates will be provided as more information becomes available.
The breach at Uganda’s central bank, an institution considered among the most secure in the country, raises broader questions about the resilience of critical infrastructure against both physical and cyber threats.
Experts note that the theft of devices such as laptops and surveillance servers could carry risks beyond material loss, particularly if they contained sensitive data or access credentials.
The incident is likely to trigger a comprehensive review of security protocols within high-value government institutions, especially those tied to national financial systems.
As investigations continue, the focus will remain on whether this was a targeted intelligence-driven operation or a high-level criminal enterprise exploiting systemic vulnerabilities.
