MTN’s cyberattack last week underscores how cybercrime has become the single biggest threat to businesses worldwide, topping issues like load-shedding and political instability, according to insurer Allianz.
Africa’s largest mobile provider confirmed its systems were recently breached by a group of cybercriminals, adding to a growing list of high-profile public and private sector organisations whose digital defences have been compromised.
“MTN Group would like to inform stakeholders that it has experienced a cybersecurity incident that resulted in unauthorised access to personal information of some MTN customers in certain markets. Our core network, billing systems and financial services infrastructure remain secure and fully operational.”
According to the mobile operator, “an unknown third-party has claimed to have accessed data linked to parts of our systems. At this stage we do not have any information to suggest that customers’ accounts and wallets have been directly compromised.”
The group said it immediately activated its cybersecurity response processes, including informing the police and the Hawks.
This highlights the growing need for increased investment in cyberdefences.
According to the Allianz Risk Barometer, cyber incidents — including ransomware attacks, data breaches and IT outages — are now the top global business risk, marking their fourth year at the top.
Organisations are improving their defences against cyberattacks, yet 7 out of 10 still experienced an attack in the past year.
— Anand Eswaran, CEO of Veeam
A decade ago, only 12% of global respondents cited cyber as a major concern. In 2025, that number surged to 38%.
“Cyber is the top risk across North and South America, Europe and Africa,” said the insurer.
Allianz points to recent high-profile incidents such the attacks on MTN rival Cell C and the SA Bureau of Standards (SABS) as evidence of this trend.
In December, Cell C confirmed hat it had suffered a major ransomware attack. Sensitive unstructured customer data — including ID numbers, bank details, driver’s licences, medical records and passport information — was compromised and later leaked on the dark web.
The SABS has seen three cyberattacks in just five years. It was revealed in February that core systems remained encrypted and inaccessible at the service after the latest attack in November 2024.
Herman Stroop, lead ISO specialist at World Wide Industrial & Systems Engineers (WWISE), said both attacks were preventable.
“Neither Cell C nor SABS were ISO/IEC 27001 certified — a globally recognised standard for information security management,” he explained. “This standard isn’t just a technical checklist. It’s a framework that forces an organisation to understand its vulnerabilities, assess its risks and apply controls that address these risks in a structured, auditable way.”
Even then, criminals have become highly sophisticated and able to penetrate advanced digital security systems.
Data resilience specialist Veeam recently noted that 69% of organisations experienced ransomware attacks even with enhanced cybersecurity measures over the last year.
“Organisations are improving their defences against cyberattacks, yet 7 out of 10 still experienced an attack in the past year,” said Anand Eswaran, CEO of Veeam.
“And of those attacked, only 10% recovered more than 90% of their data, while 57% recovered less than 50%. Our latest findings clearly indicate that the threat of ransomware will continue to challenge organisations throughout 2025 and beyond.”
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.