Scammers Swipe ₦5 Billion From 3 Fintechs In Just 8 Months

Nigerian fintechs faced a substantial loss of about ₦5 billion in just eight months due to the increasing activities of hackers and fraudsters.

In a shocking eight-month spree of cyberattacks, Nigerian fintech companies have fallen victim to a series of devastating breaches, collectively losing over ₦5 billion to cunning fraudsters.

These relentless assaults on the financial technology sector have not only raised concerns about the industry’s security but also unveiled an alarming surge in insider involvement in these financial crimes.

The digital battleground for these fintechs intensified as hackers and fraudsters, driven by both sophisticated tactics and inner betrayals, took advantage of vulnerabilities in the systems. Even well-secured payment platforms were compromised when interconnected with sister fintechs, lacking adequate cybersecurity measures.

As per a report by Nairametrics, the escalating wave of fraudulent activities plaguing the Nigerian financial sector is mainly attributed to the rise in insider jobs, a challenge that has left fintech companies grappling to fortify their defence mechanisms.

Darlington Onyeagoro, the Chief Executive Officer of one of Nigeria’s leading digital banks, Aladin, shared a harrowing account of how hackers infiltrated a Nigerian fintech, making off with over ₦800 million.

What is particularly disconcerting is the revelation that some insiders may have played a pivotal role in these fraudulent activities, raising profound concerns and posing a formidable challenge for fintech firms across Nigeria. Moreover, the breaches have exposed a disturbing trend: attacks on sister fintech platforms that, when compromised, could compromise even the most secure payment platforms due to their interconnected nature.

The most recent victim, the popular crypto platform, Patricia has been grappling with payment disruptions following a devastating loss of funds to hackers. Patricia had to suspend withdrawals after disclosing the compromise of Bitcoin and naira assets, resulting in an undisclosed financial loss estimated to be around $2 million.

However, Hanu Fejiro, the platform’s founder and CEO, has guaranteed that customer reimbursement will begin on November 20, 2023.

Similarly, Flutterwave, another prominent fintech company, faced a hacker assault earlier this year, resulting in the theft of approximately ₦2.9 billion in customer funds. While the platform urged users to activate safety protocols and protect their funds, it refrained from disclosing the exact extent of the loss.

Shockingly, the hack’s details only came to light through court documents, revealing a petition by Flutterwave’s legal counsel to the police, seeking assistance in freezing 107 bank accounts across 27 banks to recover the stolen funds.

This disturbing trend of fintech breaches is symbolic of a broader issue in the financial sector. According to the Financial Institutions Training Centre (FITC) Fraud and Forgeries Report, Nigerian commercial banks also suffered substantial losses, totalling ₦5.79 billion due to fraudulent activities in the second quarter of 2023.

This staggering figure represents an alarming 1,125.03% increase compared to the ₦472 million lost in the first quarter of the year. The report also underscores the disturbing rise in insider involvement, with insider activities surging by 20.55% during the second quarter of this year.

The fintech industry in Nigeria is in dire need of robust security measures to combat this growing threat of cyberattacks and insider breaches, or the financial losses may continue to mount.