A threat actor using the alias bitcoin has allegedly breached Aova.com.ng, a Nigerian-based digital wallet and payment company. The platform, which operates similarly to global services like Skrill or Trello but tailored for Nigerians, reportedly suffered a data leak exposing internal and customer-related information.
According to the threat actor’s post, approximately 3.38MB of SQL files were leaked, including:
Mysql.sqlOpendmarc.sqlperformance_schema.sqlPhpmyadmin.sqlPostfixadmin.sqlroundcubemail.sql
The compromised data allegedly contains:
- Internal system information
- User data (names, emails, account details)
- Transaction information
- Personally Identifiable Information (PII)
- Email content and topics
If verified, this incident could expose Aova users to:
- Identity theft: with leaked PII and account data being repurposed by cybercriminals.
- Phishing attacks: through compromised emails and related topics.
- Financial fraud: as transaction records and wallet details could be abused.
Given the scale of the leak, Nigerian fintech users and organizations are urged to remain cautious, monitor account activity, and adopt stronger security measures, including password resets and enabling two-factor authentication (2FA).
CyHawk Advisory
While the breach is still under review, CyHawk Africa continues to track the exposure of Nigerian fintech platforms, highlighting the growing need for:
- Improved security frameworks for digital wallets and payment services.
- Regular penetration testing to identify weak points before malicious actors exploit them.
- User awareness campaigns to educate employees and customers on phishing and fraud prevention.