Private messages exposed in massive data spill from loan shop.

Tools
Private messages exposed in massive data spill from loan shop.

Published:

Written by: Staff Editor
spot_img

Data Leak at Nigerian FinTech Company Exposes 846,000 Customers and Their Emergency Contacts

A shocking data leak at Nigerian FinTech company BestFin Nigeria has exposed the personal information of 846,000 customers and their emergency contacts. The leak, discovered by the Cybernews research team on July 2nd, 2024, revealed that money lenders are going to extreme lengths to extract data from their clients, including accessing private communications.

The leaked database, over 300GB in size, contained a plethora of sensitive information, including personal details, emergency contacts, app installations, contact lists, device identifiers, SMS messages, and even bank verification numbers. This extensive data collection raises serious privacy concerns and potential risks for the affected individuals.

Furthermore, the researchers found evidence of a compromise by an external threat actor, who left a ransom note demanding payment for the recovery of the database. This alarming development highlights the vulnerability of personal data in the hands of financial institutions and the potential for exploitation by cybercriminals.

The leak also shed light on unethical practices among digital lending services in Nigeria, with some exposed messages revealing blackmail, harassment, and other coercive tactics used by lenders. This revelation underscores the urgent need for stronger data privacy regulations and enforcement in the country.

As the investigation continues, users of the iCredit app in Nigeria are advised to remain vigilant against phishing scams and unauthorized access to their accounts. Cybernews has reached out to BestFin Nigeria for a comment on the incident but has yet to receive a response.

The disclosure timeline shows that the data leak was discovered on July 2nd, with access to the database finally closed on August 26th after multiple follow-up attempts. This incident serves as a stark reminder of the importance of safeguarding personal data in the digital age and the need for greater transparency and accountability in the financial sector.

spot_img

Related articles

Recent articles

UAE Seeks $354 Billion in Foreign Direct Investment After $45.6 Billion in 2024

Regional
UAE Achieves Significant Milestone in Foreign Direct Investment The United Arab Emirates (UAE) has reached a remarkable position in the global investment landscape, securing the...
Read more

Ultimate Guide to Secure Vibe Coding

Global
Understanding Vibe Coding: Navigating the New Landscape of AI-Generated Software The Rise of Vibe Coding As we move through 2025, vibe coding has emerged as a...
Read more

28 Years Later: Dark Web Hints at the Truth Behind the Rage Virus

Dark Watch
Unveiling the Dark Side of "28 Years Later": A Mysterious Dark Web Site The buzz surrounding the upcoming film 28 Years Later has reached new...
Read more

Unlocking Human Potential: Ignite a Renaissance Together

Knowledge Hub
Embracing the Future: How ServiceNow University is Pioneering a New Era of Learning In a rapidly evolving workplace shaped by technological advancements, ServiceNow has taken...
Read more
Sign up to the Newsletter and never miss out on the latest news!
Join the Cyber Warriors community and get Insider Tips & Tricks to defend your digital assets.

© Cyberwarriorsmiddleeast.com