MTN Group says it suffered a cybersecurity incident that resulted in unauthorised access to personal information of some of its customers in certain markets.
However, the company stated that its core network, billing systems, and financial services infrastructure remain secure and fully operational.
Disclosing this on Thursday, MTN Group said an unknown third party has claimed to have accessed data linked to parts of its systems.
“At this stage, we do not have any information to suggest that customers’ accounts and wallets have been directly compromised. The Group immediately activated its cybersecurity response processes, including informing the South African Police Service (SAPS) and the Hawks in South Africa,” it said.
MTN, Airtel agree to network sharing in Nigeria, Uganda
After N1.1trn FX losses, MTN, Airtel projected for profitability in 2025
According to the group, it had also notified the relevant authorities in the affected countries and would continue to work closely with them and law enforcement to support ongoing investigations.
“We are in the process of notifying affected customers in compliance with local legal and regulatory obligations,” the operator said.
Users were urged to remain vigilant and observe standard security practices, including setting strong passwords, avoiding suspicious messages, and enabling multifactor authentication where available.
“The privacy of information is our top priority, and MTN remains committed to safeguarding the integrity of our systems and the trust placed in us by our customers and other stakeholders.
“To mitigate any fraudulent consequences, a fraud alert can be placed on an individual’s credit report at any of the major credit bureaus,” the telecoms company said.
“Keep MTN, MoMo and banking apps and devices updated. Use strong, unique passwords for accounts and change them regularly.
“Be cautious of unexpected messages and do not click on suspicious links. Do not disclose information such as passwords, PINs and OTP when asked to do so by phone, text message or email.Where multifactor authentication is available, it should be activated.”
