Flutterwave, a prominent fintech company in Nigeria, has faced another security breach resulting in a loss of ₦11 billion ($7 million) due to unauthorized transactions.
This incident occurred in April 2024, shortly after the company had obtained a court order to recover $24 million lost in unauthorized POS transactions.
The breach highlights a concerning trend of fraud within Nigeria’s fintech industry. Perpetrators reportedly transferred the funds to multiple accounts, potentially utilizing a sophisticated network to conceal the transactions.
Despite the breach going undetected for several days, Flutterwave assures that no customer funds were compromised, and customer data confidentiality remains secure.
Nevertheless, the company’s reputation has been significantly impacted, prompting questions about its security protocols and risk management strategies.
This breach is not the first Flutterwave has encountered, with four unauthorized transfer incidents totaling billions of naira reported in the last fourteen months.
These events underscore the challenges faced by Nigerian fintech firms in combating fraud and safeguarding customer funds.
While the Central Bank of Nigeria’s requirement for BVN or NIN during account opening aimed to enhance security, the recurring breaches at Flutterwave indicate a need for further protective measures.
In response, Flutterwave has launched investigations, involved law enforcement, and temporarily restricted the accounts involved, requesting KYC details.
