Three Nigerian fintechs have lost over N5 billion to hackers in the first 8 months of this year as cases of hacks and frauds increase within the ecosystem.
While there are many more incidences involving undisclosed amounts running into billions, Nairametrics gathered that the situation is getting more complicated as some of the heists had members of staff of the fintechs involved.
According to different sources in the industry, this has now become a major challenge for the fintech companies in Nigeria.
More worrisome for the fintechs is the fact that an attack could also come through another connected fintech, hence, a well-secured platform could get compromised through another connected platform with poor cyber security systems.
This fear recently prompted a commercial bank to disconnect many fintechs from its platform, which made it impossible for its customers to send money to the affected fintechs, although the issue was later resolved.
Sharing an experience on the prevalence of breaches in the fintech space, the Chief Executive Officer of Aladin, one of Nigeria’s digital banks, Darlington Onyeagoro, narrated how a fintech company lost N800 million to hackers in one week. But the act was not just perpetrated by outsiders, insiders’ connivance is suspected, according to him.
In another case of fraud involving Patricia Technologies, facts have also emerged that the stolen fund had the hands of hackers and insiders including a notable Nigerian politician who contested for House of Reps position in the last general elections.
According to an inside source who spoke with Nairametrics on the matter, while the case is currently with the police, the said politician was said to have promised to repay part of the money.
Patricia, a crypto trading platform, is currently facing the battle of repaying thousands of its customers whose money had disappeared through the breach in its system.
An escrow manager appointed by the company last week to manage the repayment, DLM Trust, later pulled out.
However, Patricia’s founder and CEO, Hanu Fejiro, said the repayment of its customers would go on starting from November 20 as earlier scheduled.
Earlier this year, it was reported that hackers stole N2.9 billion from Flutterwave’s account. In its response to the report, Flutterwave said it noticed unusual activities in its systems and told users to activate safety protocols, but it insisted that customers did not lose any funds.
While the company denied that money was lost, the events that followed proved otherwise. Court documents that later found their way to social media showed certified true copies of a petition by Flutterwave’s legal counsel to the police dated February 20, 2023.
The letter asked for police assistance to recover funds by obtaining court orders from the magistrate court to sustain account freezes on 107 bank accounts in 27 banks that allegedly, directly or indirectly, received money from the illegal transfers from Flutterwave accounts.
Thereafter, several accounts belonging to innocent Nigerians were frozen by commercial banks.
The reason given by the banks was that stolen funds from Flutterwave were traced to those accounts hence, liens were placed on them.
According to Aladin’s CEO, Onyeagoro, the fintech companies are challenged by the fact that hackers see every fintech app as a target.
Indeed, Oyenagoro believes that the first set of people to download every new fintech app are the fraudsters, hence security should be the top priority for all the platforms.
Onyeagoro said this security challenge has made encryption a top priority for fintechs. But not just that, he said fintechs would also need to work with partners that prioritize security to ensure their own safety.
While it is less pronounced given their financial muscle compared with fintechs, commercial banks in the country are also losing billions to fraudsters and hackers every day.
Following a similar pattern with the fintechs, most frauds in the banks also have the involvement of insiders, according to data released by the FITC.
In its Q2 2023 Fraud and Forgeries report, FITC revealed that commercial banks in Nigeria lost a total of N5.79 billion to fraud activities in the quarter. This amount represented a 1,125.03% increase in losses when compared with the N472 million lost in Q1 2023.
The FITC pointed out that the losses were recorded by 24 banks that filed their returns on fraud cases for the period.
The data also indicated that there was a significant increase in the total amount involved in fraud cases during Q2 2023 compared to the previous quarter.
The sum increased from N2.58 billion to N9.75 billion, representing a 276.98% increase.
Based on the FITC report, in the same period, there was also a 20.55% increase in insider involvement in the frauds committed across the bank in the second quarter of this year.
This prompted the FITC to caution the banks to be more vigilant about the type of people they employ.
Obviously, the Nigerian fintechs will also need to take a cue from the FITC’s advice as they continue to battle the outside and inside forces that are bent on running them down through fraud.
Credit: Nairametrics