MTN Group Data Breach: What You Need to Know
Explore the recent data breach affecting MTN Group, its impact, and the measures taken to mitigate the risks. Stay informed about cybersecurity threats and best practices.
TL;DR
MTN Group, a leading African telecommunications company, recently disclosed a data breach that exposed subscribers’ personal information. The incident did not affect core network infrastructure, billing systems, or financial services. MTN has notified authorities and is taking steps to inform affected customers.
MTN Group Data Breach: What Happened?
MTN Group Limited, a prominent South African multinational telecommunications company headquartered in Johannesburg, has reported a significant data breach. Founded in 1994, MTN has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East. The company offers a range of services including voice, data, digital, fintech, and enterprise solutions, and is expanding into mobile money and digital entertainment.
Overview of MTN Group
MTN Group is publicly listed on the Johannesburg Stock Exchange under the ticker MTN and reported service revenues of over $11 billion. The company’s diverse offerings and expansive reach make it a critical player in the African telecommunications landscape.
Details of the Data Breach
MTN Group recently disclosed a data breach that exposed subscribers’ personal information. The company emphasized that the incident did not impact its core network, billing systems, or financial services infrastructure. According to the official statement:
“MTN Group would like to inform stakeholders that it has experienced a cybersecurity incident that resulted in unauthorized access to personal information of some MTN customers in certain markets. Our core network, billing systems, and financial services infrastructure remain secure and fully operational.”
The statement further noted that an unknown third-party had claimed to have accessed data linked to parts of their systems. MTN reassured customers that there is no information suggesting that their accounts and wallets have been directly compromised.
Response and Mitigation Measures
MTN has taken several steps to address the data breach:
- Notified Authorities: The company has informed the South African Police Service (SAPS) and the Hawks (Directorate for Priority Crime Investigation) in South Africa.
- Customer Notification: MTN will notify impacted customers in compliance with local legal and regulatory obligations.
- Customer Advisory: MTN urges customers to stay vigilant by placing fraud alerts, updating apps, using strong passwords, avoiding suspicious links, and enabling multifactor authentication.
Comparison with Previous Incidents
In April 2025, Cell C, another major telecom provider in South Africa, confirmed a data breach following a cyberattack in 2024. The RansomHouse group claimed responsibility for the attack and leaked 2 TB of stolen data on their dark web leak site. The compromised data included full names, contact details, ID numbers, banking information, driver’s license numbers, medical records, and passport details.
Conclusion
The data breach at MTN Group highlights the ongoing cybersecurity challenges faced by telecommunications companies. While MTN has taken immediate steps to mitigate the impact, the incident underscores the importance of robust cybersecurity measures and continuous vigilance. For further insights, check out the full article on Security Affairs.
For more updates, follow @securityaffairs on Twitter, Facebook, and Mastodon. You can also connect with Pierluigi Paganini.