Africa’s largest mobile network operator MTN Group reports data breach

MTN Group Limited, Africa’s largest mobile network operator, disclosed a cybersecurity incident that resulted in the unauthorized access of personal information belonging to some of its subscribers. The company, headquartered in Johannesburg, emphasized that its core network, billing systems, and financial services infrastructure remained secure and fully operational following the breach.

Founded in 1994, MTN Group has grown to serve over 290 million subscribers across 18 countries in Africa and the Middle East. The telecommunications giant offers a diverse range of services, including voice, data, digital, fintech, and enterprise solutions, and is actively expanding into areas such as mobile money and digital entertainment. Publicly traded on the Johannesburg Stock Exchange under the ticker symbol MTN, the company reported service revenues exceeding $11 billion.

In a public statement, MTN confirmed that an unknown third party had claimed access to data linked to parts of its systems. However, the company assured that there was no indication that customer accounts or digital wallets had been directly compromised. "MTN Group would like to inform stakeholders that it has experienced a cybersecurity incident that resulted in unauthorised access to personal information of some MTN customers in certain markets," the statement read. "Our core network, billing systems and financial services infrastructure remain secure and fully operational."

Following the incident, MTN promptly reported the breach to the South African Police Service (SAPS) and the Directorate for Priority Crime Investigation (DPCI), commonly known as the Hawks. The company also confirmed its commitment to notify affected customers in accordance with local legal and regulatory requirements.

MTN urged all customers to exercise heightened vigilance by implementing fraud alerts, updating mobile applications, using strong and unique passwords, avoiding suspicious links, and enabling multifactor authentication.

At this time, no ransomware groups have claimed responsibility for the breach. The disclosure comes amid heightened concerns over cybersecurity risks in South Africa’s telecommunications sector. In April 2025, Cell C, one of the country’s major telecom providers, confirmed a data breach linked to a 2024 ransomware attack orchestrated by the RansomHouse group. The attackers reportedly exfiltrated two terabytes of sensitive data, including personal and financial information, which was later leaked on the dark web.