New post Need visibility? Apply for a FREE post for your Startup.  Apply Here

News

Flutterwave suffers another major security breach, loses billions

1 Mins read

Nigerian fintech unicorn, Flutterwave, has suffered yet another devastating security breach, with unknown perpetrators illegally diverting billions of naira into unauthorized accounts across multiple banks. This is the fourth such incident reported in just over a year for the San Francisco-based payments company.

According to insider sources, in April 2024 the hackers managed to transfer at least ₦11 billion ($7 million), and potentially up to ₦20 billion ($13.5 million), to various accounts over a four day period. The illicit transactions seemed designed to avoid fraud detection by keeping deposits below certain thresholds.

As is common in the financial services industry, there will always be attempts by bad actors to compromise security systems,” Flutterwave acknowledged in a statement. “In April, we detected unauthorized activities…on one of our platforms used by a small subset of customers.”

However, the company insists that “no customer funds were lost or compromised” and that customer data confidentiality remains intact. Flutterwave says it has reported the matter to law enforcement for investigation.

Two financial services executives confirmed that Flutterwave reached out requesting account holder details from the banks involved, and that those suspect accounts have been temporarily frozen.

The modus operandi appears somewhat different from past breaches, suggesting a more sophisticated network was involved. Rather than simply funneling funds to random accounts, there seems to have been a closed loop of transfers between certain accounts before moving the money to a central beneficiary.

Read also: Nigeria to open Startup House in San Francisco Tech Hub

This is the latest in a troubling series of cybersecurity lapses at Flutterwave. In October 2023, ₦19 billion was illegally taken through POS merchants across multiple banks. Prior to that, ₦550 million was diverted in March 2023, while ₦2.9 billion was stolen in a February 2023 breach.

As one of Africa’s pioneering unicorn startups valued at over $3 billion, Flutterwave’s recurring vulnerability to hackers raises serious concerns over its security infrastructure. Identifying the perpetrators could be aided by recent regulations requiring national ID numbers for all bank accounts. However, regaining customer trust will likely prove an uphill battle.

Don’t miss any tech news ever!

We don’t spam! Read our privacy policy for more info.

897 posts

About author
When I'm not reading about tech, I'm writing about it, or thinking about the next weird food combinations to try. I do all these with my headphones plugged in, and a sticky note on my computer with the words: "The galaxy needs saving, Star Lord."
Articles
Related posts
News

Hackers Attack NBS Website, Forcing Shutdown

1 Mins read
The National Bureau of Statistics (NBS) confirmed that its official website has been compromised by hackers, just two weeks after unveiling its…
News

Hackers steal $16.8m from Uganda's Central Bank

1 Mins read
Uganda’s Central Bank has become the latest victim of cyber attack. The bank fell to a sophisticated cyber attack by hackers known…
News

Crypto entrepreneur eats popular $6.2m banana artwork

1 Mins read
Interesting things keep happening all around the world, and one of them involves a cryptocurrency entrepreneur, Justin Sun, who transformed an iconic…
Newsletter Subscription

🤞 Don’t miss any update!

We don’t spam! Read more in our privacy policy

Join our Telegram channel here - t.me/TechpadiAfrica

Leave a Reply

×
News

Nigeria to open Startup House in San Francisco Tech Hub