HQ/EMEAFind out how we can help your business
MTN Group, one of Africa’s leading mobile operators, has announced that it became the subject of a recent cybersecurity breach.
Reports revealed that the data breach incident has affected the personal information of some subscribers in specific countries.
The company, which was previously known as M-Cell, serves at least 300 million users across 20 nations. Threat actors may have considered this entity a prime target because its annual revenues exceed $11 billion.
Although the attack did not affect their network or billing systems, an investigation is underway to determine the full extent of the incident.
The company aims to inform stakeholders that unauthorised access to certain customers’ personal information has occurred in particular markets. In addition, it insists that its core network, billing systems, and financial services remain secure and fully operational.
Still, the alleged ‘unknown third party’ may have accessed some of the company’s data.
The MTN data breach still has many unanswered questions.
The immediate investigation conducted by MTN has not yet verified any compromise of customer wallets or accounts. However, the specifics of exposed information remain vague.
The company has notified the South African police and relevant regulatory agencies to assist with ongoing investigations and plans to inform affected customers soon. Furthermore, it encourages potentially impacted users to take additional precautions to avoid unwanted compromise despite no observed data misuse.
Recommended actions include setting up fraud alerts with major credit bureaus, keeping apps like MTN, MoMo, and banking applications up to date, using strong and distinct passwords, avoiding suspicious links and messages, never sharing passwords, PINS, or OTPS, and enabling multi-factor authentication whenever feasible.
As of now, no ransomware groups have claimed responsibility for the cybersecurity incident at MTN.
Researchers and other parties concerned have already contacted the telecommunications provider to inquire about the affected markets. However, most inquiries remain pending as the provider has yet to reveal additional details about the alleged cybercriminal activity.
