A threat actor using the alias N1KA has allegedly put up for sale a database claiming to contain the personal and financial information of 1,833,891 Zenith Bank customers. The listing, posted on a dark web forum, includes a sample of the data, which features fields such as serial numbers, account numbers, customer names, account holdings, addresses, phone numbers, and email addresses.
In addition to customer records, the actor has also shared a separate set of alleged employee data, including staff names and work email addresses linked to the bank’s domain.
In a follow-up message posted on Telegram, N1KA stated that the database may be released for free if it has already been sold, but if no sale has occurred, it will not be shared openly. This suggests the data might already be in the possession of another party.
If authentic, this breach could expose millions of individuals to phishing, identity theft, and fraud attempts. Zenith Bank has not issued a public statement at the time of writing, and the authenticity of the data remains unverified.
CyHawk Africa will continue monitoring the situation and update if there is confirmation or further developments.