MTN discloses cyberattack impacting customer data in select markets

MTN Group, Africa’s largest telecommunications provider,  has announced a cybersecurity breach that has impacted customer data in select markets, including its Nigerian operations.  The company detected malware on its systems at 11 pm local time on Saturday, April 19, 2025, during a weekend cyberattack that compromised internal systems.

In an official statement, MTN emphasised its commitment to customer privacy and data security:

“We remain committed to safeguarding the integrity of our systems and the trust placed in us by our customers and other stakeholders.”

The telecommunications giant claimed to be actively managing the situation and has assured stakeholders of ongoing updates as more information becomes available.

MTN Nigeria, the group’s largest subsidiary, with over 80 million subscribers and 51% market share as of January 2025, could face severe regulatory consequences if Nigerian customer data is confirmed compromised. The Nigerian Communications Commission (NCC) is yet to issue any formal directive as at the time of filling this report. However, it is expected to launch an inquiry, similar to previous data protection violations.

The MTN incident echoes a broader trend of rising cyberattacks on telecom and digital infrastructure across Africa. In April 2024, SK Telecom in South Korea reported a malware breach that leaked sensitive USIM card data.

In February 2024, Kenya’s Safaricom faced a major phishing campaign that tricked thousands of users into revealing M-PESA PINs. Similarly, in South Africa, Vodacom disclosed a data breach in 2023 that affected over 1.2 million users.

Experts warn that as African telecoms expand into mobile money, fintech, and IoT services, they become increasingly attractive targets for cybercriminals.

MTN’s breach highlights the increasing need for robust cybersecurity measures within the telecommunications sector, especially during periods of reduced staffing.

With MTN operating in 19 countries, including Ghana, Cameroon, Uganda, Côte d’Ivoire, and South Africa, other subsidiaries may also face scrutiny. Regulators across Africa are now under pressure to demand more rigorous compliance with data protection laws, like Nigeria’s NDPR and South Africa’s POPIA Act.

Countries like Ghana, which passed its Data Protection Act in 2012, are now reviewing how telecoms collect and store subscriber data. The fear is that cross-border vulnerabilities could expose millions of Africans to identity theft, phishing, or ransomware attacks.

MTN says it has contained the malware and engaged global cybersecurity experts for forensic audits. Customers are advised to monitor their accounts and expect updates as the probe unfolds. This could be the reason for the recent service downtime, lasting a week in Nigeria.