Pierluigi Paganini April 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information.

MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East.

MTN offers a range of services including voice, data, digital, fintech, and enterprise solutions. The company is also expanding into areas like mobile money and digital entertainment, aiming to become Africa’s leading digital platform.

Publicly listed on the Johannesburg Stock Exchange under the ticker MTN, the company reported service revenues of over $11 billion.

The company disclosed a data breach that exposed subscribers’ personal information, it added that the incident did not impact core network, billing system,s and financial services infrastructure.

“MTN Group would like to inform stakeholders that it has experienced a cybersecurity incident that resulted in unauthorised access to personal information of some MTN customers in certain markets. Our core network, billing systems and financial services infrastructure remain secure and fully operational.” reads the statement published by the company. “An unknown third-party has claimed to have accessed data linked to parts of our systems. At this stage we do not have any information to suggest that customers’ accounts and wallets have been directly compromised.”

MTN notified the South African Police Service (SAPS) and the Hawks (aka Directorate for Priority Crime Investigation (DPCI)) in South Africa. The company is going to notify impacted customers in compliance with local legal and regulatory obligations.

MTN urges customers to stay vigilant by placing fraud alerts, updating apps, using strong passwords, avoiding suspicious links, and enabling multifactor authentication.

At this time, no ransomware groups have claimed responsibility for an attack.

In April 2025, Cell C, one of the biggest telecom providers in South Africa, confirmed a data breach following a 2024 cyberattack. Cell C has confirmed a data breach following a RansomHouse cyberattack that occurred last year. The ransomware group has since leaked the stolen data on its dark web leak site. The gang claimed the theft of 2 TB of data. Compromised data includes full names, contact details, ID numbers, banking information, driver’s license numbers, medical records and passport details.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, MTN Group)