WhiteHat NGWhiteHatNG
Incident Monitoring

Cybersecurity Incident Tracking

We monitor and track cybersecurity incidents affecting Nigerian organizations, providing situational awareness and lessons learned to help prevent future attacks.

144+

Incidents Tracked

Since 2015

Monitoring Active

Report an IncidentView Advisories

Incident Statistics since 2015

Breakdown of 144 tracked incidents by type

Ransomware47 (32.6%)
Defacement28 (19.4%)
Ponzi Crashes18 (12.5%)
Breach & Stolen Funds22 (15.3%)
Phishing14 (9.7%)
DDoS8 (5.6%)
Insider Threat4 (2.8%)
Info Stealer Malware3 (2.1%)

Note: Some incidents may not have been captured due to non-reportage

144
Total Tracked
47
Ransomware
89
Organizations
68
Mitigated

Incident Timeline

Major incidents tracked each year since 2015

PhishingMitigatedJanuary 2023
Fake 2023 Election Portal

A sophisticated phishing campaign targeting Nigerian voters was discovered ahead of the 2023 general elections. The fake portal mimicked the official INEC website to harvest voter credentials and personal information.

Impact: Potential voter data compromise
RansomwareRecoveredJanuary 2023
Federal Agency Ransomware Attack

A federal government agency was hit by the 0XXX ransomware variant. Attackers demanded $300 in cryptocurrency for the decryption key. The attack disrupted operations for several days.

Impact: Service disruption, data encryption
BreachUnder InvestigationMarch 2023
Flutterwave Fund Transfer Incident

Nigerian fintech company Flutterwave experienced a security breach resulting in unauthorized transfers totaling approximately ₦2.9 billion. The incident highlighted vulnerabilities in payment processing systems.

Impact: ₦2.9B unauthorized transfers
DefacementRemediatedMarch 2023
Babcock University UIMS Defacement

Babcock University Information Management System (UIMS) was defaced with inappropriate content. The attack exposed weaknesses in the institution web application security.

Impact: Reputational damage, service disruption
RansomwareRecoveredApril 2023
Leadway Assurance - ALPHV Attack

Insurance company Leadway Assurance was targeted by the ALPHV (BlackCat) ransomware group. The sophisticated attack encrypted critical business systems and customer data.

Impact: Business disruption, data encryption
Controversial DisclosureClosedMay 2023
David Sennaike LinkedIn Post

A security researcher posted details about vulnerabilities on LinkedIn without following responsible disclosure practices, sparking debate about ethical disclosure in the Nigerian security community.

Impact: Community discussion on disclosure ethics
DefacementRemediatedJuly 2023
Ogun State Government Website

The official website of Ogun State Government was defaced by threat actors. The incident highlighted ongoing security challenges in government digital infrastructure.

Impact: Reputational damage, temporary service loss
RansomwareUnder InvestigationJuly 2023
Globacom Nigeria - ALPHV Attack

Telecommunications giant Globacom Nigeria was targeted by the ALPHV ransomware group. Attackers demanded $2.5 million for decryption and threatened to leak stolen data.

Impact: $2.5M ransom demand, potential data leak
DDoSMitigatedAugust 2023
Anonymous Sudan vs MTN Nigeria

Hacktivist group Anonymous Sudan launched DDoS attacks against MTN Nigeria as part of their response to ECOWAS intervention discussions. The attack caused intermittent service disruptions.

Impact: Service disruption for customers

Report an Incident

If your organization has experienced a cybersecurity incident, report it to us. We provide coordination support and can help connect you with appropriate resources.

Report an IncidentView Security Advisories