Significant Drop in Data Breaches in Nigeria: Context and Implications
In the second quarter of 2025, Nigeria experienced a notable 73% reduction in reported data breaches, a decrease from 120,000 in the first quarter to 31,800. Despite this decline, cybersecurity firm Surfshark reported over 152,000 compromised accounts across various sectors in Nigeria during the first half of the year. This statistic highlights an ongoing vulnerability, even against the backdrop of a significant decrease in the number of breaches.
On a global scale, the number of leaked accounts rose dramatically by 34%, jumping from 70 million in the first quarter to an alarming 94 million in the second. Countries particularly impacted by this global surge include the United States, France, and India, which ranked first, second, and third respectively in terms of total accounts compromised.
Sarunas Sereika, a product manager at Surfshark, emphasized the growing threat posed by personal data exposure. “In today’s digital world, we frequently share personal information,” Sereika stated, “from delivery addresses to phone numbers. Unfortunately, there are no guarantees regarding data security, and such information can aid identity theft or targeted scams when it falls into the wrong hands.”
Within Nigeria itself, a long-term analysis has placed the country as third in total compromised accounts in Sub-Saharan Africa, with a staggering 23.3 million user records breached since 2004. This breach count includes about 3 million unique email addresses and 13 million instances where passwords were also compromised. Alarmingly, statistics reveal that 56% of affected users are at heightened risk for account takeovers and identity fraud, suggesting that approximately one in ten Nigerians has experienced a data breach.
The decline in breached accounts during the second quarter indicates a potential short-term improvement in cybersecurity measures. However, experts caution against assuming this trend represents a permanent recovery, noting that either temporary vigilance or underreporting could contribute to this statistic.
The data breach landscape also varies by country, with the United States leading globally at 42.5 million compromised accounts, followed by France with 11.4 million and India with around 1.7 million. Analyzing the breach density, France exhibits the highest rate at 172 breaches per 1,000 residents, followed by Israel and the United States.
Understanding the tactics utilized in these breaches is essential for developing stronger cybersecurity frameworks. The MITRE ATT&CK framework offers insight into potentially used tactics, including initial access methods such as phishing, exploitation of public-facing applications, and the use of credential dumps. The framework also highlights techniques related to persistence and privilege escalation that adversaries may employ to maintain access, underscoring the importance of continuous vigilance and robust security policies.
For business owners, the need to remain informed and proactive about cybersecurity is critical, particularly in light of these troubling statistics. Assessing and enhancing security measures can mitigate risks associated with data breaches, protecting both customer information and corporate integrity.
To deepen your understanding of the cybersecurity landscape in Nigeria, the full breach profile is available for review through the Surfshark Global Data Breach Monitor. As threats continue to evolve, it remains essential to stay abreast of emerging risks and implement strong safeguards in your organization.
