Hackers have stolen ₦2.9 billion from Flutterwave accounts, petition to freeze accounts linked to stolen funds

by · March 6, 2023

Hackers have stolen ₦2.9 billion from Flutterwave accounts, petition to freeze accounts linked to stolen funds

The news:

  • In early February 2023, hackers transferred over £2.9 billion from Flutterwave accounts.
  • While the police investigation is ongoing, Flutterwave is trying to freeze accounts where some of the money was transferred.
  • A motion to freeze accounts in 27 financial institutions in Nigeria, including Access Bank, Kuda, Zenith Bank and OPay, has been filed.

According to documents seen by Techpoint Africa₦2,949,557,867 has been illegally transferred from the accounts of African fintech unicorn, Flutterwave.

On February 19, 2023, Flutterwave’s Legal Adviser, Albert Onimole, reported the case to the Deputy Commissioner of Police, State Criminal Intelligence Department, Panti, Yaba, Lagos.

Per Onimole’s letter, the hack on Flutterwave’s accounts happened around two weeks ago from February 13. It was said that the money was initially transferred to 28 accounts in 63 transactions. While the incident was reported to the police on 13 February 2023, with the list of accounts that had received the money, the police were unable to freeze the funds.

According to Flutterwave, some commercial banks allowed the money to be moved to other accounts, widening the money trail.

To investigate accounts holding the stolen funds across various financial institutions in Nigeria, SA Adedesin, Legal Officer, State CID, Panti, Yaba, Lagos filed a case in the Magistrate Court of Lagos (Yaba Magisterial District sits at Yaba) to support Flutterwave’s claims.

The matter is between the Chief of Police and the following financial institutions.

  1. Access Bank
  2. Providus Bank
  3. Union Bank
  4. Keystone Bank
  5. PalmPay
  6. First City Monument Bank (FCMB)
  7. Kuda Bank
  8. Zenith Bank
  9. First Bank of Nigeria
  10. Guaranty Trust Bank (GTB)
  11. United Bank for Africa (UBA)
  12. Polaris Bank
  13. Wema Bank
  14. Union Bank
  15. Sterling Bank
  16. Ecobank
  17. Paycom
  18. Fidelity Bank
  19. Eyowo
  20. Stanbic IBTC Bank
  21. Opay
  22. VFD Microfinance Bank
  23. Carbon
  24. Moniepoint
  25. Al-Hayat Microfinance Bank
  26. PiggyVest
  27. Nomba (formerly Kudi)
See also  Make the smartphone lifecycle as smart as the devices

Some accounts are already frozen

Although there are no documents confirming whether the court has ruled in favor of Inspector Micheal’s proposal, some people have confirmed that their accounts have been frozen in connection with the hack.

A Twitter User said: “I received an email from my bank stating that I am a fourth recipient of this reputed scam. This was after over five days of a successful trade. My account is locked 🔒 can’t access the fund inside. Pls is this correct? It’s unfair I have zero business with flutter wave or the hack.”

According to the proposal submitted by Adebesin, 107 accounts, including the fifth beneficiary of these accounts, are to be placed on lien/Post-No-Debit (PND).

With the stolen funds spread over several accounts, as follows to tweetsmay or may not have anything to do with the hack, it is currently not clear who hacked Flutterwave.

Questions about how hackers got past Flutterwave’s security and what this means for the unicorn’s customers remain unanswered.

Interestingly, a statement from Flutterwave denied the hack. it said, “we identified an unusual trend of transactions on some users’ profiles. Our team immediately launched a review (in line with our standard operating procedure), which revealed that some users who had not enabled any of our recommended security settings may have been susceptible.” »

The statement added that Flutterwave was able to resolve the issue before any harm was done to users.

“We want to confirm that no user has lost any funds, and we are proud of the fact that our security measures were able to resolve the issue before anyone could harm our users.

See also  Founder of AcuFi, Nick Kohlschreiber, shows small businesses how to use FinTech

Our commitment to keeping users’ financial information safe and secure is why we invest heavily in security initiatives such as periodic audits, certifications and licenses such as PCI-DSS and ISO 27001. These are in line with global best practices in information security management.”

However, some Twitter users claim that their accounts were locked as a result of the Flutterwave hack.

It is unclear why Flutterwave insists it has not been hacked given the existence of court documents proving the fact and various bank owners confirming the incident.

This is a developing story.

[Update] This article was updated on Sunday 5 March 2023 at 16:11 WAT To reflect that this is a development story, Flutterwave is working on an official statement.

[Update] Monday 6 March 2023 at 01:20 WAT. Flutterwave’s statement said the Fintech Unicorn was not hacked while court documents say otherwise.

Related posts:

  1. How Kenya’s InstaSend helps you build secure, scalable fintech products faster
  2. Webinar Review: The Future of Payments and Emerging Global Trends
  3. Paytm, Zomato, Nykaa, PB Fintech rise amid market volatility. Here’s what analysts are saying
  4. Fundraising for startups hits an 8-month low in February, falls over 83% year-over-year

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Headline Posts