MTN Group, Africa’s largest telecommunications provider with nearly 291 million subscribers, has confirmed that it experienced a cybersecurity breach resulting in unauthorized access to customer data in certain markets.
The company emphasized that despite the incident, its core systems including its network infrastructure, billing operations, and financial services platforms remain fully secure and functional.
In a statement issued on Thursday, MTN revealed that an unidentified third party claimed access to specific data within parts of its systems. While investigations are ongoing, MTN assured customers that there is currently no evidence suggesting that individual accounts or mobile wallets have been directly compromised.
Following the discovery, MTN promptly activated its internal cybersecurity response protocols, which included notifying the South African Police Service (SAPS) and the Hawks, the country’s elite crime-fighting unit. It also alerted relevant authorities in affected countries and is working closely with regulators and law enforcement to manage the situation.
The company said it is complying with local regulations and is in the process of notifying affected customers, as required by data protection laws in various jurisdictions. MTN Nigeria, the group’s largest market by subscriber base, has reportedly not been impacted by the breach.
In light of the incident, MTN advised customers to maintain strong digital hygiene. The company encouraged users to update apps regularly, use complex and unique passwords, activate multifactor authentication, and remain vigilant against suspicious messages and phishing attempts.
This breach comes amid a broader rise in cyber threats targeting African businesses. According to Check Point Software, Africa recorded the highest average number of cyberattacks globally in the first quarter of 2025, averaging 3,286 attacks per organization per week. South Africa saw a particularly steep increase of 69% year-on-year, averaging 1,884 weekly attacks.
The telecom industry has emerged as one of the most targeted sectors, with a 94% rise in attacks globally, reaching 2,664 per week. Analysts attribute this trend to the critical infrastructure telecoms manage and the vast amounts of sensitive data they process.
Deloitte has highlighted that telecom operators are increasingly vulnerable because they provide essential communication networks and store vast customer datasets. These datasets are high-value targets for cybercriminals who seek to conduct identity theft, financial fraud, or extortion.
Lionel Dartnall, Country Manager for SADC at Check Point Software Technologies, underscored the importance of cybersecurity resilience, stating: “The continued rise in cyber-attacks emphasizes the need for more robust security measures. Organisations must prioritise strengthening their cyber security postures.”
