Online payment company, Flutterwave experienced a security breach in April following an attempted intrusion into their network from hackers.
According to reports by Tech Cabal, a popular tech blog, sources within the financial system said Flutterwave suffered the security breach which allowed unknown persons to divert billions of naira to several bank accounts.
The hackers allegedly transferred around ₦11 billion ($7 million) to several accounts in five financial institutions over a period of four days.
However, Flutterwave in a statement on Thursday, confirmed that the company did experience a network intrusion but said it successfully blocked the attempted intrusion and had reported offenders to security agencies. It assured that customers’ fund remain safe and untouched.
Flutterwave in their statement revealed that the incident happened in April when it detected unusual activities on one of its platforms, which is used by a small number of customers for specific business transactions. The company said it immediately informed law enforcement agencies and handed over the IP address and details of the offenders.
Flutterwave said its security “stopped the breach before customer funds were impacted.” It also promised to undertake improvements on the particular platform that was attacked and move its users to another platform to ensure business continuity for its customers.
The company, however, advised its customers to take advantage of the security measures available while using its platform, as they also have a role to play in ensuring the best personal security practices.
Tech Cabal reports that April’s breach on Flutterwave network appears distinct indicating the involvement of an organised network in the breach. According to insiders, the perpetrators appeared to transfer the money to random accounts, who in turn transfer to other accounts before the money finally gets sent back to the first beneficiary account.”
This is the fourth incident of unauthorised transfers at Flutterwave reported in the last fourteen months. In October 2023, about 6,000 account holders across 35 banks and financial institutions received ₦19 billion (*$24 million) illegally transferred through unauthorised transactions by POS merchants.
In March 2023, about 107 bank accounts in 27 banks received ₦550 million. In a February 2023 breach, ₦2.9 billion was diverted to 107 bank accounts in 27 banks.