The telecom powerhouse stressed that its core network infrastructure, billing systems, and financial services platforms are safe and fully functional, although it did not reveal the number of countries impacted or the extent of the hack.
“MTN Group would like to inform stakeholders that it has experienced a cybersecurity incident that resulted in unauthorised access to personal information of some MTN customers in certain markets,” the group said, as seen on its website.
“Our core network, billing systems, and financial services infrastructure remain secure and fully operational,” it added.
MTN also revealed that an unidentified third party had allegedly accessed data pertaining to some of its systems.
“An unknown third party has claimed to have accessed data linked to parts of our systems. At this stage, we do not have any information to suggest that customers’ accounts and wallets have been directly compromised,” it stated.
Reacting to the attack, the company promptly triggered its cybersecurity response processes.
“We are in the process of notifying affected customers in compliance with local legal and regulatory obligations,” it said.
MTN noted that it has contacted the appropriate law enforcement authorities, including the South African Police Service (SAPS) and the Hawks, South Africa’s Directorate for Priority Crime Investigation.
This recent breach is coming just months after MTN and other major mobile service providers in Africa, including Airtel and Uganda Telecom, were targeted by the hacktivist organization Anonymous Sudan.
The 2024 cyber attack by Anonymous Sudan
On February 6, 2024, several telecom companies were hit with coordinated Distributed Denial of Service (DDoS) attacks.
Anonymous Sudan claimed responsibility for the assaults, asserting that the hacks were directed at firms believed to be helping the Rapid Support Forces (RSF) in the Sudanese civil conflict.
“We claim full responsibility for this attack because of Nigeria’s government actions against Niger,” the group claimed at the time.
“They are attempting to cut power and are willing to participate in the French colonialistic planned invasion of Niger.”
While MTN has not linked the new data leak to the February 2024 DDoS attacks, the sequence of events raises concerns about Africa’s increasingly vulnerable telecom infrastructure.
Cybersecurity has become an increasingly pressing concern for African telecommunications companies, particularly those operating in various markets with substantial client bases.
The stakes have never been higher, as digital services such as mobile money and data-driven applications become more integrated into daily life and trade.
