HABARI DAILY I Kampala, Uganda I Police has revealed the security breaches that led to the daring break-in at the Bank of Uganda headquarters in Kampala, where thieves made off with seven laptops in what investigators suspect was an inside-assisted operation.
According to preliminary police findings, the attackers exploited multiple layers of vulnerability within the central bank’s security system, raising serious concerns about internal collusion, access control and surveillance weaknesses at one of the country’s most heavily guarded institutions.
The incident, which occurred on Monday morning, saw a group of about five men gain entry through a gate opposite City Square before proceeding into the commercial offices. Investigators say the suspects remained inside the premises for nearly three hours, operating undetected before leaving with the stolen devices.
Police believe the most critical breach involved the use of duplicated keys, which allowed the suspects to access secure areas without forcing entry. This method has led investigators to suspect that the attackers may have worked with insiders, including members of staff or the security team.
“The nature of access suggests prior knowledge of the premises and internal systems,” a source familiar with the investigation said, pointing to the coordinated manner in which the group navigated the building.
Further compounding the breach was the deliberate disabling of the bank’s internet connection. By cutting off connectivity, the suspects were able to interfere with monitoring systems and potentially delay detection, giving them enough time to execute the operation.
In addition to the laptops, the attackers reportedly targeted critical security infrastructure. Among the items stolen were a CCTV server and an internet router valued at approximately Shs50 million. The removal of these devices is believed to have been a calculated move to erase or limit evidence of the intrusion.
Despite their access, the suspects failed to reach the bank’s cash reserves. Police say the group attempted to locate keys to the strong room but were unsuccessful. During their search, they damaged several CCTV cameras and office doors, indicating a level of urgency once inside.
Footage retrieved from the scene shows the suspects moving through reinforced doors, suggesting they had both the tools and confidence to operate within a high-security environment.
A joint response team from Uganda Police Force, led by officers from Central Police Station Kampala, was dispatched to investigate the incident. Sniffer dogs were deployed and tracked a scent leading to Mutaasa Kafeero Plaza in the city centre.
The discovery prompted a wider security operation in downtown Kampala, where several buildings were temporarily sealed off as part of ongoing searches.
Kampala Metropolitan Police spokesperson Racheal Kawala confirmed that the follow-up operation was intelligence-led and revealed that more than 20 suspects had since been arrested. Some items believed to be linked to the break-in have also been recovered.
However, she declined to directly link the arrests to the central bank incident, stating: “I do not have the information that you are asking me.”
Investigators are now focusing on piecing together how such a breach could occur at a facility known for its tight security protocols. Early indications suggest that the incident may have been less about external force and more about internal weaknesses—particularly in access control, staff vetting and surveillance systems.
Sources also indicate that the Bank of Uganda has opted to manage communication around the incident internally, even as public concern grows over the safety of critical financial infrastructure.
Security analysts say the case highlights the increasing sophistication of criminal networks and the risks posed by insider threats. They warn that even the most fortified institutions remain vulnerable if internal controls are compromised.
As investigations continue, authorities are expected to scrutinise both human and technological factors that may have enabled the breach, with the aim of preventing similar incidents in the future
About the Author
