MTN has revealed that over five thousand MTN Ghana customer’s data has been potentially breached.
According to the MTN group, the potential data breach may have compromised the personal information of roughly 5,700 MTN Ghana customers.
Ghana’s Data Protection Commission (DPC) is working to establish the magnitude and cause of the cybersecurity breach.
MTN Group in a statement released on Monday, April 28, 2025, confirmed that it is collaborating with top-tier cybersecurity experts to conduct a forensic investigation.
The company stated, “MTN assures its customers that protecting their information is central to our operations. We are devoting all necessary resources to swiftly assess the situation, contain the breach, and maintain the trust our customers have placed in us”.
MTN has also assured they will directly contact all individuals whose data may have been affected as soon as the probe provides clearness.
Meanwhile, the company has encouraged customers to remain alert and shared the following tips to help customers protect themselves:
- To mitigate any fraudulent consequences, a fraud alert can be placed on an individual’s credit report at any of the major credit bureaus.
- Keep MTN, MoMo and banking apps and devices updated.
- Use strong, unique passwords for accounts and change them regularly.
- Be cautious of unexpected messages and do not click on suspicious links.
- Do not disclose information such as passwords, PINs and OTP when asked to do so by phone, text message or email.
Additionally, MobileMoney LTD (MoMo from MTN) responded to a lady who alleged that GH¢11,000 was withdrawn from her MoMo without her authorisation.
According to the lady, an amount of over GH¢11,000 was withdrawn from her account on Sunday afternoon April 13, 2025.
She claimed 11,100 cedis was withdrawn first and later 220 cedis was also withdrawn.
She asserted that despite reaching out to customer support, she’s yet to get positive feedback after she was told to wait for 15 days.
According to MTN in a statement issued, the lady case is a case of social engineering where a person unknowingly shares sensitive information like one-time password (OTP), One-Time verification link and PIN.
