Private messages exposed in massive data spill from loan shop.

Tools
Private messages exposed in massive data spill from loan shop.

Published:

Written by: Staff Editor
spot_img

Data Leak at Nigerian FinTech Company Exposes 846,000 Customers and Their Emergency Contacts

A shocking data leak at Nigerian FinTech company BestFin Nigeria has exposed the personal information of 846,000 customers and their emergency contacts. The leak, discovered by the Cybernews research team on July 2nd, 2024, revealed that money lenders are going to extreme lengths to extract data from their clients, including accessing private communications.

The leaked database, over 300GB in size, contained a plethora of sensitive information, including personal details, emergency contacts, app installations, contact lists, device identifiers, SMS messages, and even bank verification numbers. This extensive data collection raises serious privacy concerns and potential risks for the affected individuals.

Furthermore, the researchers found evidence of a compromise by an external threat actor, who left a ransom note demanding payment for the recovery of the database. This alarming development highlights the vulnerability of personal data in the hands of financial institutions and the potential for exploitation by cybercriminals.

The leak also shed light on unethical practices among digital lending services in Nigeria, with some exposed messages revealing blackmail, harassment, and other coercive tactics used by lenders. This revelation underscores the urgent need for stronger data privacy regulations and enforcement in the country.

As the investigation continues, users of the iCredit app in Nigeria are advised to remain vigilant against phishing scams and unauthorized access to their accounts. Cybernews has reached out to BestFin Nigeria for a comment on the incident but has yet to receive a response.

The disclosure timeline shows that the data leak was discovered on July 2nd, with access to the database finally closed on August 26th after multiple follow-up attempts. This incident serves as a stark reminder of the importance of safeguarding personal data in the digital age and the need for greater transparency and accountability in the financial sector.

spot_img

Related articles

Recent articles

Google’s Dark Web Monitoring Is Ending: Next Steps for You

Dark Watch
Google is set to discontinue its dark web monitoring service designed to warn users about the exposure of personal information, such as names, email...
Read more

Understanding the Digital Trust Crisis: Why We Question Every Click

Global
When Convenience Turns into Caution The internet was originally founded on a principle of trust: confidence that online transactions would be secure, personal identities would...
Read more

84 Hours of Internet Blackout in Iran Amid Growing Unrest

Dark Watch
Iran's Internet Blackout: A Deepening Crisis Amid Unrest Four Days Without Connectivity Iran has plunged into a state of digital isolation as an internet blackout enters...
Read more

NSA Appoints Timothy Kosiba to Lead Cybersecurity Strategy

Resources
Appointment of Timothy Kosiba as NSA Deputy Director: A Leadership Milestone The National Security Agency (NSA) has recently announced a pivotal leadership change with the...
Read more
Sign up to the Newsletter and never miss out on the latest news!
Join the Cyber Warriors community and get Insider Tips & Tricks to defend your digital assets.

© Cyberwarriorsmiddleeast.com