MTN Declares Core Infrastructure Secure After Cyberattack

With 290.9 million users, the giant and biggest mobile operator in Africa, MTN Group, reported on Thursday that its core networks, billing systems, and financial platforms are still secure despite a cybersecurity incident that exposed some customers’ personal information in specific areas. In some markets, a cybersecurity problem caused unauthorized access to some of its customers’ personal data.

MTN announced in a statement on its website that an unnamed third party had allegedly gained access to some of its systems.

MTN told stakeholders that there is no proof that user accounts or digital wallets were directly accessed, even if the extent of the intrusion is still being investigated.

MTN said that its “core network, billing systems, and financial services infrastructure remain secure and fully operational” and that there was “no evidence of compromise to any of our critical infrastructure, core MTN platforms, or services.” MTN Group also revealed on Thursday that an unidentified third party had allegedly gained access to information connected to certain of its systems.

The organisation doesn’t currently have any evidence that the wallets and accounts of our clients have been directly compromised. The Group promptly triggered its cybersecurity response procedures.

In addition to informing the South African Police Service (SAPS) and the Hawks, a specialized crime section, the Johannesburg-based telecom giant, which serves 290.9 million people in 19 countries, is also working with authorities in the impacted regions.

In order to comply with regional legal obligations, MTN is also contacting the affected clients.

The operator stated, “We have notified the appropriate national authorities and will keep them updated on a regular basis while collaborating closely with them and other law enforcement bodies to support their investigations. In accordance with local legal and regulatory obligations, we are in the process of notifying affected customers.”

MTN is currently in the process of informing impacted consumers in compliance with regional legal and regulatory standards as part of its continuous efforts to reduce any risks.

The business suggested that its clients take precautions to protect their data.

According to insiders, this attack has not yet harmed MTN Nigeria, the group’s largest market by number of subscribers.

Additionally, MTN Group recommended all of its clients to maintain vigilance and adhere to standard security protocols, such as updating their banking, MTN, and MoMo apps and devices.

Setting up fraud warnings on credit reports, upgrading apps frequently, creating strong, one-of-a-kind passwords, and being wary of unsolicited messages with dubious links are some of the suggested precautions.

For accounts, create strong, one-of-a-kind passwords and update them frequently. Avoid clicking on dubious links and exercise caution when you receive unexpected messages. Never divulge passwords, PINs, or OTPs when prompted to do so via email, text message, or phone call. “Multifactor authentication should be enabled wherever it is available,” it continued.

Customers were also cautioned by MTN not to divulge private information by email, text, or phone, including passwords, PINs, and one-time passwords. 

For extra precaution, the organization also suggests turning on multi-factor authentication where it is available.

The increased cyber activity on the continent is reflected in this MTN attack. According to Check Point Software, in the first quarter of 2025, the average number of attacks worldwide was 3,286 in Africa.

With a 69 percent annual increase to 1884 attacks per week, South Africa saw the most significant increase. The telecom industry also saw the largest percentage increase in the world, rising by 94% to 2,664 attacks each week.

Because they create, manage, and run vital infrastructure that is utilized for communication and the storage of vast volumes of sensitive data, telecom businesses have emerged as a major target for cybercriminals, according to Deloitte.

Customer data is a frequent high-impact target because hackers can use it to launch additional attacks, steal money, commit identity theft, or blackmail customers. 

“The necessity for stronger security measures is highlighted by the ongoing increase in cyberattacks. Strengthening cyber security postures should be an organization’s top priority, said Lionel Dartnall, Check Point Software Technologies’ Country Manager SADC.