Nigeria experienced significant data security challenges in the first quarter of 2025, with over 119,000 reported data breaches, according to the latest global report from cybersecurity firm Surfshark. This alarming figure highlights Nigeria’s standing as one of the most affected nations in Sub-Saharan Africa regarding data loss.
Surfshark’s analysis draws on data from 29,000 publicly accessible databases. The researchers found that approximately 10 percent of the Nigerian population has been impacted by these breaches. Interestingly, there has been a substantial decline in the number of compromised accounts, with an 85 percent reduction from the previous quarter. This trend mirrors a global statistic indicating a 93 percent year-on-year drop in leaked accounts, plummeting from 973.7 million in Q1 2024 to just 68.3 million in Q1 2025.
Despite the concerning figures, this quarter’s data suggests a marked improvement compared to earlier periods. Nigeria ranks 34th globally for the number of breached accounts. Worldwide, the United States faced the brunt of data breaches, with 16.9 million leaked accounts, followed by Russia, India, Germany, and Spain.
Luís Costa, the research lead at Surfshark, emphasized the need for ongoing vigilance amidst declining numbers. He remarked, “While all major regions have seen a reduction in vulnerable accounts, cyber threats continue to evolve, and attackers are adapting their strategies. It is crucial for users to adopt robust security practices, including routine password updates and two-factor authentication.”
Remarkably, since 2004, around 23.2 million Nigerian user accounts have been compromised. The report identified that 7.3 million unique email addresses and 13 million passwords have been exposed in these incidents. Alarmingly, 56 percent of those whose accounts were breached may face risks such as identity theft and unauthorized account access.
The MITRE ATT&CK framework can provide valuable insights into potential tactics and techniques employed during these incidents. Initial access, persistence, and privilege escalation are among the tactics that could have been exploited by adversaries attempting to gain unauthorized access and maintain control over compromised systems.
As businesses navigate the complexities of data security, it is vital to remain informed and proactive in combating cyber threats. Strengthening security postures and fostering a culture of cybersecurity awareness can mitigate the risks associated with data breaches.
For those seeking further context on this issue, additional resources highlight ongoing discussions about the implications of data breaches in various sectors, including health insurance. Awareness and vigilance remain essential in safeguarding sensitive information against evolving cyber threats.
