MTN Group, Africa’s largest mobile operator, said on Thursday it suffered a cybersecurity breach that exposed personal data of some customers in certain markets, but its core networks, billing systems, and financial platforms remain secure.
An unidentified third party claimed to have accessed parts of MTN’s systems, the company said in a statement posted on its website.
While the scope of the breach is still under investigation, MTN reassured stakeholders that there is no indication that customer accounts or digital wallets were directly compromised.
“No evidence of compromise to any of our critical infrastructure, core MTN platforms, or services,” MTN stated, adding that its “core network, billing systems, and financial services infrastructure remain secure and fully operational.”
The Johannesburg-based telecom giant, which serves 280 million customers across 19 countries, has notified the South African Police Service and the Hawks, a specialised crime unit, and is coordinating with authorities in affected markets.
MTN is also reaching out to impacted customers to meet local regulatory requirements.
“We have informed the relevant country authorities and will continue to update them on an ongoing basis while working closely with them and law enforcement agencies to support their investigations,” the operator noted.
As part of its ongoing efforts to mitigate potential risks, MTN is in the process of notifying affected customers in accordance with local legal and regulatory requirements.
The company advised its customers to take preventive steps to safeguard their information.
Among the recommended measures are placing fraud alerts on credit reports, regularly updating apps, using strong and unique passwords, and exercising caution with unsolicited messages containing suspicious links.
MTN further urged customers to avoid sharing sensitive information, such as passwords, PINs, and one-time passwords, over the phone, text, or email.
Where available, the company also recommends enabling multi-factor authentication for added security.