Flutterwave, a leading African payment company has revealed that no funds were stolen in an attempted breach network and also reported offenders to security agencies, according to management.
The company detected unusual activities in April and carried out thorough processes to ensure the protection of all its customers.
The breach was effectively halted by the platform’s robust security measures, preventing any impact on funds. Flutterwave promptly notified the appropriate authorities and provided them with the IP address and information of the perpetrators.
READ MORE: LemFi Suspends Ghana Operations, Here’s Why
In a press release issued on Thursday, Flutterwave assured its customers and stakeholders that their funds were not affected in any way.
Flutterwave will undertake improvements on the said platform and move its users to another platform to ensure business continuity for its customers.
The company recommended that its clients make use of the security features provided when using Flutterwave, emphasizing their responsibility to uphold optimal personal security protocols.
As leaders, we continue to invest heavily in our security infrastructure to ensure customers continue to remain safe as they transact using Flutterwave
As a proactive step to strengthen security, we are enhancing safety features on the affected platform and will be migrating some of our customers to another platform to ensure they can benefit from the security enhancements
We will continue our advocacy for ecosystem-led system initiatives that will help in fighting security threats in the digital ecosystem across Africa,” the statement reads.
Two executives in the financial services industry, who also confirmed the incident, said Flutterwave reached out to request KYC details of the accounts involved. They, however, maintained that the accounts related to the incident have been temporarily restricted.
The matter has been reported to law enforcement, the report added.
More Insights
This is the fourth incident of unauthorized transfers at Flutterwave reported in the last fourteen months. In October 2023, about 6,000 account holders across 35 banks and financial institutions received ₦19 billion ($24 million) illegally transferred through unauthorized transactions by POS merchants.
Meanwhile, on March 5, 2023, Flutterwave also denied claims that its account was hacked and that N2.9 billion was illegally transferred from its account to several other accounts. However, court documents revealed that the company had sought police assistance to recover what was stolen.
Identifying the account owners involved in the latest incident may be easier than before since the Central Bank mandated all financial institutions to require all customers to provide their bank verification number (BVN) or a national identification number (NIN) for account or wallet opening by March 2024.
In February, Flutterwave received a court order—a Mareva injunction— that lets it recover the funds and assets of the identified account holders, even though they have spent the funds, with the KYC details provided by these financial institutions.
Fintech, Banks, And Their Battle With Fraud
There has been an increase in cybercrimes in Nigeria, leading to trust issues between companies and their customers. Flutterwave is not the sole company affected by these fraudulent incidents.
For instance, MTN, Africa’s largest mobile network operator, lost a total of N10.5 billion to cyber criminals in 2022. Also, Patricia Technologies Limited, a popular crypto platform, lost $2 million that belonged to its depositors in January 2022 to fraudsters, leading to the suspension of the platform.
Access Bank, a prominent financial institution in Nigeria, has also experienced the repercussions. In June 2023, the bank took legal action to recover N30 billion that had been lost to hackers. Additionally, in July 2023, Access Bank filed another lawsuit to retrieve N5 billion that had been compromised by cybercriminals.
Similarly, the Fraud and Forgeries report released by the Financial Institutions Training Centre (FITC) revealed that Nigerian banks lost a total of N2.09 billion to frauds in Q4 2023 with mobile emerging as the top channel through which the largest amount was lost.
