The company is still investigating the full extent of the damage, but it has admitted that an unauthorised third party gained access to parts of its system.

The cyber breach, according to MTN, did not affect its core network, billing platforms, or financial systems. These remain intact. Still, personal data was accessed, and the company has now activated its crisis response mechanisms. 

Authorities, including the South African Police Service and the Hawks, have been brought in. Regulatory agencies in the affected markets are also involved.

MTN didn’t disclose which countries were hit. It simply said the breach involved a third party. “At this stage, we do not have any information to suggest that customers’ accounts and wallets have been directly compromised,” MTN stated.

The company is reaching out to affected customers and says it’s following local data protection laws to the letter.

The group has advised customers to take basic security steps—change passwords, avoid dodgy links, don’t share PINs or OTPs, and switch on multi-factor authentication if it’s available. Fraud alerts on credit reports are also on the list.

This follows a worrying pattern across the global telecom space. Just days ago, SK Telecom in South Korea revealed that hackers used malware to access sensitive USIM-related data during an off-hours attack. That’s the kind of backdrop we’re dealing with—one where cyberattacks are becoming more strategic, timed, and effective.

For Nigerians, there’s a temporary sigh of relief. Sources say MTN Nigeria wasn’t affected by the cyber breach. But that doesn’t mean it won’t be next time. MTN’s massive reach—280 million users across 19 countries—makes it a goldmine for cybercriminals.

Even with assurance that the “core infrastructure” remains untouched, this breach chips away at customer trust. We’ve entered a new phase of digital threat where it’s no longer about if but when. 

MTN says, “We remain committed to safeguarding the integrity of our systems and the trust placed in us by our customers and other stakeholders.” 

As the world becomes more digital, cyber-attacks have become both frequent and severe. Figures  from Kaspersky shows that cyberattacks on SMEs have increased by 89% in 2022.

Perhaps more damning is the report by the Nigerian Communications Commission (NCC)  that Nigeria has lost $500 million due to cyberattacks

Delivering his keynote address, Dr. Peter Adewale, co-founder of DigitalEncode and Chief Visionary Officer at DigitalEncode, gave insights on the importance of cybersecurity and best practices in cybersecurity.

He said, “There is no better time to talk about cybersecurity than now because we live in a digital world, and the reality is that COVID-19 has accelerated the usage of technology for everyone. Events like these are necessary because we need to create situational awareness about the risks of cyberattacks. It is important to build capacity and train people because people are an essential part of cybersecurity, and you can’t go wrong when you train people.”

Anietie Jude, Senior Manager, Information Security,  MTN Nigeria, said, “We are delighted to be hosting this event because we want to improve the safety of Nigerian lives and businesses, cyber security is everyone’s business  and we need to ensure everyone is cybersmart.”

The reality is that small businesses in Nigeria need to be better informed about the dangers and threats they face because they are often the target of these attacks, as they often lack the resources to invest in a cybersecurity team.

Speaking at the event, Nkiruka Joy Aimienoho, Associate Director, Cybersecurity, Privacy, and Resilience, PwC, stated, “It is important that SMEs start to take cybersecurity seriously; they must imbibe this culture because cyber-attacks can happen to anyone. Events like this are important because they raise awareness and remind people that they must be cyber-aware.”

The event, themed “Building a Cybersecurity Intelligent Quotient” furthers MTN’s commitment to sensitizing SME owners and the general public on the dangers of cyber-attacks and how to mitigate such attacks.