An unknown third-party claimed to have accessed data linked to parts of MTN’s systems.
MTN, a leading mobile network operator, recently experienced a cybersecurity incident that led to unauthorized access to personal information of some customers in certain markets. Despite this breach, MTN assured its customers that there was no compromise to its critical infrastructure platforms or services.
Cyberattack
According to MTN, an unknown third party claimed to have accessed data linked to parts of their systems. However, there is currently no evidence to suggest that customers’ accounts and wallets have been directly compromised. The core network, billing systems, and financial services infrastructure of MTN remain secure and fully operational.
Investigations
Upon discovering the cyberattack, MTN activated its cybersecurity response processes and informed law enforcement agencies, including the South African Police Service and the Hawks. The company also notified relevant country authorities and pledged to support ongoing investigations.
Confined to SA?
While MTN did not disclose which markets were affected by the cyberattack, it is believed to be related to its South African operations. The company is currently in the process of notifying affected customers to comply with legal and regulatory obligations.
Precautions
MTN has advised customers to remain vigilant and follow regular security measures to mitigate any potential fraudulent consequences. This includes placing a fraud alert on credit reports, keeping apps and devices updated, using strong and unique passwords, and being cautious of suspicious messages and links. Customers are also urged not to disclose sensitive information like passwords, PINs, and OTPs when prompted through phone calls, text messages, or emails. Additionally, activating multifactor authentication where available is recommended by the mobile network operator.
It is important for customers to stay informed and take necessary precautions to protect their personal information in light of this cybersecurity incident.
