In a recent security incident, Flutterwave, a leading African fintech company, lost between ₦ $11 billion ($7 million) and ₦ $20 billion ($13.5 million) due to unauthorized transactions. This breach occurred just one month after Flutterwave obtained a court order in February to recover $24 million lost in a previous security breach last October.
The October breach involved unauthorized transactions by POS device merchants, which resulted in funds being automatically transferred to customers’ bank accounts. Despite the court order, Flutterwave faced another breach in March.
Insiders estimate the loss during the latest breach to be significant. The stolen funds were transferred to multiple accounts across five financial institutions over four days. The perpetrators cleverly transferred small amounts to avoid triggering fraud checks.
Flutterwave, in response to the breach, has taken immediate action to protect its customers. The company detected unusual activities inconsistent with typical customer behaviour on one of its platforms, used by a small subset of its customer base. However, Flutterwave maintains that no customer funds were lost or compromised, and the confidentiality of its customers’ data remains intact. This swift response and commitment to customer protection demonstrate Flutterwave’s dedication to maintaining the trust of its stakeholders.
Flutterwave has faced fraud-related issues before. The company lost over ₦22 billion ($14 million) in three separate incidents in the previous year. In February and March of last year, Flutterwave reported losses of about ₦2.9 billion ($1.9 million) and ₦550 million ($361,000), respectively, before the substantial loss of ₦19 billion ($12.4 million) in October.
For more tech news and insights, visit Rwanda Tech News, and explore similar topics and trends in the world of technology.