Nigerian Fintech Firm Flutterwave Confirms Hacking Attempt, Says Users’ Funds Safe

The Nigerian fintech firm Flutterwave claimed on May 16 that it had foiled an attempt to breach its payments platform. Flutterwave asserted that the “unauthorized activities inconsistent with usual customer behavior” did not compromise users’ funds or data confidentiality. According to one report, over $7 million was siphoned from Flutterwave following a cyberattack in April.

Flutterwave Says User Funds Were Not Compromised

The Nigerian fintech giant, Flutterwave, reported that it thwarted an attempt to breach its platform in April. Since then, the company has implemented enhanced security features to strengthen network security. According to a statement from Flutterwave, the “unauthorized activities inconsistent with usual customer behaviour” did not compromise users’ funds or data confidentiality.

Contrary to Nigerian media reports suggesting a loss of over $7 million (NGN11 billion) due to the breach, Flutterwave maintains that no customer funds were compromised. As reported by Techcabal, the hackers allegedly distributed the stolen funds to several bank accounts shortly after the breach.

Despite this incident, Flutterwave acknowledges that security challenges are common in the payments industry. The company emphasizes the need for collaboration among market participants to address such challenges effectively.

Flutterwave Seeks Assistance from Nigerian Banks

In addition to seeking collaboration with industry peers, Flutterwave said it has taken steps to protect users who may have been impacted by the breach.

“As a proactive step to strengthen security, we are enhancing safety features on the affected platform and migrating some of our customers to another platform to ensure they can benefit from the security enhancements,” Flutterwave said.

The fintech giant, however, said the decision only applies to a minority of users, and most users will not be asked to partake in the migration process.

Meanwhile, the Techcabal report revealed that the latest breach or incident is the fourth reported in the past 14 months. Regarding the latest incident, the report claimed that Flutterwave had asked banks whose accounts were used by the attackers to move the funds for “know your customers” (KYC) details.

What are your thoughts on this story? Let us know what you think in the comments section below. #Write2Earn