Africa’s biggest telecommunications company, MTN Group, has confirmed that it suffered a cyberattack which exposed some personal information of its customers. However, the company has assured the public that its main systems and financial platforms were not affected by the breach.
In a statement released on Thursday and posted on its official website, MTN said an unidentified third party gained access to parts of its IT systems. While investigations are still ongoing, MTN stressed that there is no evidence so far that customer accounts, digital wallets, or its key infrastructure were compromised.
“There is no evidence of compromise to any of our critical infrastructure, core MTN platforms, or services,” the company stated. “Our core network, billing systems, and financial services infrastructure remain secure and fully operational.”
MTN Group, based in Johannesburg, South Africa, operates in 19 countries and serves over 280 million subscribers, including millions of Nigerians. The company did not specify which countries were affected by the breach, but confirmed it had contacted authorities and regulators in the impacted markets.
The data breach was reportedly discovered after a third party claimed to have accessed certain areas of MTN’s systems. This prompted an immediate internal investigation and engagement with law enforcement agencies.
In South Africa, MTN has already notified the South African Police Service and the Hawks, a special crime-fighting unit, about the incident. Similar steps are being taken in other countries where customers may have been affected.
MTN says it is working around the clock with cybersecurity experts and government agencies to understand the full extent of the breach. The company is also taking steps to notify affected customers, in line with local laws and data protection regulations.
“We have informed the relevant country authorities and will continue to update them on an ongoing basis while working closely with them and law enforcement agencies to support their investigations,” the company said.
The telecom giant is also advising customers to take extra precautions to protect themselves against potential fraud or identity theft that could result from the breach.
MTN has recommended that all customers — whether or not they are directly affected — adopt basic cybersecurity practices. These include:
– Placing fraud alerts on credit reports.
– Regularly updating mobile apps.
– Using strong, unique passwords for accounts.
– Being cautious of unexpected messages containing suspicious links.
– Avoiding the sharing of sensitive details like passwords, PINs, and one-time passwords (OTPs) through phone calls, texts, or emails.
– Enabling multi-factor authentication on services where available.
These steps, the company says, can help reduce the risk of becoming a victim of cyber fraud, especially at a time when digital threats are becoming more common.
The attack on MTN highlights a growing trend of cyber threats targeting major companies, especially in Africa. With increasing reliance on digital platforms for communication, banking, and data storage, telecom firms like MTN have become key targets for hackers.
In Nigeria, where MTN holds a large market share and provides mobile services, internet access, and financial products through MoMo (Mobile Money), such an attack raises serious concerns. Many Nigerians use their phones for banking, online transactions, and storing sensitive personal data. A breach of this nature could have severe consequences if proper precautions are not taken.
The National Information Technology Development Agency (NITDA) and the Nigerian Communications Commission (NCC) are yet to issue official responses regarding the impact of the breach on Nigerian subscribers. However, cybersecurity experts say the incident is a reminder of the need for strong data protection laws and better enforcement.
In recent years, there have been several warnings about the vulnerabilities in digital infrastructure across Africa. MTN, like other major corporations, regularly invests in security upgrades, but the evolving tactics of cybercriminals continue to pose a threat.
For now, MTN says it is focused on containing the incident and learning from it to strengthen its systems.
“We are treating this incident with the highest priority and will take all necessary actions to safeguard our customers and business,” MTN assured.
The company has pledged to be transparent and to keep customers informed as more details become available. In the coming days, affected customers are expected to receive direct communication from MTN on what specific data may have been exposed and what steps to take next.
