Business
Nigeria sees 150,000 account breaches in H1 2025 despite Q2 decline — Surfshark
Nigeria recorded more than 150,000 compromised user accounts in the first half of 2025, according to a new report by cybersecurity firm Surfshark, raising concerns over the country’s persistent exposure to digital threats despite a significant drop in breach incidents during the second quarter.
The report revealed that data breaches in Nigeria dropped sharply by 73%, from 120,000 cases in Q1 to 31,800 in Q2.
While this decline marks a positive development, experts warn that the overall figures still signal enduring vulnerabilities in the nation’s digital infrastructure.
“Today’s digital age requires all of us to share more and more personal information to carry out daily tasks. In the wrong hands, this data can be used to commit identity theft, for targeted scams, or sold on the dark web,” said Sarunas Sereika, Product Manager at Surfshark.
With 23.3 million breached accounts since 2004, Nigeria ranks third in Sub-Saharan Africa in terms of total compromised accounts, behind South Africa and Kenya.
The report further indicates that about 13 million of these accounts had passwords exposed, putting 56% of users at risk of identity theft, extortion, or account takeovers.
Despite the drop in Q2 figures, analysts caution that the scale of cumulative breaches shows that cyberattacks remain a persistent national threat, demanding more robust security frameworks and user awareness.
While Nigeria saw improvement in Q2, the global picture worsened. Worldwide, the number of leaked accounts surged by 34%, from 70 million in Q1 to 94 million in Q2.
Top countries by volume of compromised accounts: United States – 42.5 million; France – 11.4 million; India – 1.7 million; Germany – 1.3 million; Israel – 1.2 million.
READ ALSO: ‘Account for security votes spending, invite EFCC, ICPC’, SERAP tells 36 governors
When adjusted for population size, France had the highest breach density at 172 leaked accounts per 1,000 residents, followed by Israel (130), the U.S. (123), Singapore (26), and Canada (24).
Surfshark said its findings were derived from over 29,000 publicly accessible data sets, with email addresses used as identifiers. Many breaches also included sensitive information such as passwords, phone numbers, IP addresses, and zip codes.
The report excluded countries with fewer than one million residents and aimed to offer a comprehensive view of the rising global threat to digital identity and cybersecurity.
“Cyberthreats are constantly evolving, and attackers are adapting their tactics. Strong security practices, frequent password updates, and enabling two-factor authentication remain essential,” the firm advised.
The warning comes as Nigeria continues to expand its digital economy, prompting calls for stronger data protection regulations, increased cybersecurity education, and faster enforcement of digital protection laws to safeguard citizens and businesses alike.
-
News1 week agoWidow of late investigative broadcaster Kola Olawuyi dies
-
Crime1 week agoOutrage as NYSC doctor allegedly dies after delay in approving sick leave
-
Aviation1 week agoNIS issues updated guidelines for contactless passport renewal for Nigerians abroad
-
Latest7 days agoOne killed as ethnic clash erupts in Ibadan following reported overnight stabbing (video)
-
Latest1 week agoLagos arrests 396 beggars in fresh crackdown on street begging (Video)
-
Agribusiness6 days agoStrengthening Nigeria’s Food Production Through Reliable Water Storage Infrastructure
-
Aviation5 days agoNigeria ends third-party visa processing in U.S, directs applicants to embassy, consulates
-
Business5 days agoSEC sets July 10 deadline for Q2 ownership, capital flows returns


