MTN Group has confirmed a cybersecurity breach that exposed personal data of some customers in certain markets. The telecom giant assured the public, however, that its core infrastructure remains secure and fully operational.
The breach involved an unknown third party gaining unauthorized access to parts of MTN’s systems, although the company emphasized that critical services, including mobile money and digital wallets, were unaffected. In a statement released on Thursday, April 24, 2025, MTN clarified that investigations are ongoing, but no evidence suggests any compromise of its central infrastructure, such as its network, billing, or financial service platforms.
MTN has alerted the South African Police Service (SAPS) and is collaborating with regulatory bodies in the affected regions. The company urged customers to take steps to safeguard their data, such as monitoring financial statements, using strong passwords, and being cautious with suspicious communications.
“An unknown third-party has claimed to have accessed data linked to parts of our systems,” MTN said. “At this stage, we do not have any information to suggest that customers’ accounts and wallets have been directly compromised.”
MTN immediately activated its cybersecurity response processes, which included informing the SAPS and the Directorate for Priority Crime Investigation (Hawks). The company also informed the relevant country authorities and is in the process of notifying affected customers in compliance with local legal and regulatory obligations.
“The privacy of information is our top priority and MTN remains committed to safeguarding the integrity of our systems and the trust placed in us by our customers and other stakeholders,” MTN stated. “We will continue to contain and manage this matter carefully.”
As part of its response, MTN provided general cyber defense advice for customers. They recommended placing a fraud alert on an individual’s credit report at any of the major credit bureaus to mitigate any potential fraudulent consequences. Customers should also keep their MTN, MoMo, and banking apps updated, use strong, unique passwords for accounts, and change them regularly.
Moreover, MTN advised users to be cautious of unexpected messages and to avoid clicking on suspicious links. They stressed that customers should not disclose sensitive information such as passwords, PINs, and one-time passwords (OTPs) when asked to do so by phone, text message, or email. Where multifactor authentication is available, it should be activated.
The cybersecurity incident at MTN comes amid a concerning trend in South Africa, where cyberattacks have been on the rise. The Interpol African Cyberthreat Assessment Report for 2024 highlights that over 300 cases of ransomware attempts were detected in just one week in February 2023. Alarmingly, 78% of companies in South Africa reported suffering attacks that year.
High-profile cyberattacks have targeted various sectors, including those against Porsche South Africa’s Johannesburg headquarters and the South African division of international credit bureau TransUnion. Last year, other companies that reported hits included Africa's largest packaging firm Nampak, Sibanye-Stillwater, and Wesizwe Platinum. This trend has raised concerns about the overall cybersecurity posture of firms operating in the region.
In light of these developments, MTN’s commitment to transparency and customer protection has been underscored by the ongoing investigations and the company's proactive approach to notifying affected customers. As the situation develops, MTN has promised to keep the public informed about any new findings related to the breach.
As the largest mobile operator in Africa, MTN's cybersecurity challenges are not only significant for the company but also reflect broader issues within the telecommunications industry. The firm’s swift response may serve as a model for other companies facing similar threats, emphasizing the importance of prompt action and communication in maintaining customer trust.
Moving forward, customers are encouraged to remain vigilant and follow regular security measures to protect their personal information. MTN’s advice to use strong passwords, enable multifactor authentication, and be cautious with communications is vital in today’s digital landscape, where threats are increasingly sophisticated.
In summary, while the breach has raised alarms, MTN has reassured its customers that its core services remain secure, and it continues to prioritize the protection of customer data amid ongoing investigations.
