What information was compromised in the MTN Group attack?

An unknown third party has claimed to have accessed data linked to parts of MTN's systems. The specific nature of the attack, exposed data, affected markets, and number of affected individuals has not been disclosed. MTN stated, 'At this stage, we do not have any information to suggest that customers' accounts and wallets have been directly compromised.'

What security measures does MTN recommend to its subscribers?

MTN has advised subscribers to implement these general security measures: Place a fraud alert on your credit report via any major credit bureau; Keep MTN, MoMo, and banking apps/devices updated; Use strong, unique passwords and change them regularly; Avoid clicking on suspicious or unexpected messages/links; Never share passwords, PINs, or OTPs via phone, text, or email; Enable multifactor authentication wherever possible.

What happened to Oregon's Department of Environmental Quality (DEQ)?

Oregon's Department of Environmental Quality (DEQ) experienced a cyberattack on Wednesday, April 9th, 2025, forcing the agency to shut down its network systems.

What services were disrupted by the cyberattack?

The cyberattack disrupted several services, including closure of vehicle inspection stations through Friday (with uncertainty about Saturday operations) and a complete network shutdown while the agency worked to isolate servers.

Who is helping address the cyberattack?

The Oregon DEQ's IT team is collaborating with Enterprise Information Systems and Microsoft Cybersecurity teams to address the situation.

Was the 'Your DEQ Online' system affected?

No, the environmental data management system 'Your DEQ Online' operates on a separate server and remained available during the network shutdown.

Who was responsible for the cyberattack?

As of April 18th, 2025, the attack was attributed to the Rhysida ransomware operation.

How much data was compromised in the attack?

The attackers claimed to have compromised more than 2.5 TB of data, contradicting the agency's initial statement that none of its data had been impacted. By April 25th, 2025, the Rhysida ransomware gang had released over 1.3 million files (approximately 2.4 terabytes of data).

What type of data was reportedly stolen?

The hackers claimed the stolen data includes employee details and SQL databases.

What demands did the attackers make?

The attackers demanded a ransom payment of $2.5 million in Bitcoin, threatening to put the stolen data up for sale to a single buyer if the agency failed to pay within one week.

How can the public get updates about service restoration?

Oregon DEQ has advised the public to monitor its website and social media pages for updates regarding service restoration.

Incident

Cyberattack od telecom MTN Group compromises customer data

Q: What happened to MTN Group?

MTN Group, Africa's largest mobile network operator, reported a significant cybersecurity incident resulting in unauthorized access to personal information of some of its subscribers across certain markets. The telecom giant, which serves nearly 300 million subscribers across 20 countries, claims that despite the attack its core infrastructure remains secure.

published: April 25, 2025

Learn More

MTN Group, Africa's largest mobile network operator, is reporting a significant cybersecurity incident resulting in unauthorized access to personal information of some of its subscribers across certain markets. The telecom giant serves nearly 300 million subscribers across 20 countries claims that despite the attack its core infrastructure remains secure.

An unknown third party has claimed to have accessed data linked to parts of MTN's systems. The company stated, "At this stage, we do not have any information to suggest that customers' accounts and wallets have been directly compromised."

MTN has activated its cybersecurity response processes and notified relevant authorities, including the South African Police Service (SAPS) and the Hawks (South Africa's Directorate for Priority Crime Investigation). The company is also working to notify affected customers in compliance with local legal and regulatory obligations.

The nature of the attack, exposed data, specific markets that were affected and number of affected individuals is not disclosed

MTN has advised subscribers to implement the general security measures:

Place a fraud alert on your credit report via any major credit bureau
Keep MTN, MoMo, and banking apps/devices updated
Use strong, unique passwords and change them regularly
Avoid clicking on suspicious or unexpected messages/links
Never share passwords, PINs, or OTPs via phone, text, or email
Enable multifactor authentication wherever possible

Update - as of 29th of April 2025, the MTN Group reported that at least 5,700 MTN subscribers were affected by the incident.

Cyberattack od telecom MTN Group compromises customer data

Read More
O2 UK VoLTE implementation leaks customer location and …
Everest Ransomware gang claims breach of AT&T Careers …
Suspected data leak of AT&T exposes 70 million …
Bouygues Telecom hit by cyberattack, exposing data of …
French telecom operator Orange Group reports breach of …