On August 31, 2025, a threat actor using the alias 888 on claimed responsibility for an alleged data breach targeting Kolomoni, a Nigerian digital and mobile banking application.
According to the forum post, the breach allegedly exposed 37,800 customer records, including:
- Account names and numbers
- Emails and phone numbers
- Gender and dates of birth
- Residential addresses and local government details
- Account status and state
- Last login times and dates
A sample of the leaked data shared on the forum includes highly sensitive personally identifiable information (PII), such as full names, account numbers, emails, phone numbers, and addresses of Kolomoni users.
If verified, this incident could have serious consequences for affected customers, ranging from targeted phishing campaigns to identity theft and financial fraud.
CyHawk Africa Advisory
- For Customers: Be cautious of unsolicited messages, especially those requesting banking details or login credentials.
- For Kolomoni: Immediate investigation, customer notification, and reinforcement of data protection measures are critical.
- For Institutions: Monitor for potential phishing campaigns that may exploit this leaked data.