MTN Ghana Faces Potential Data Leak Investigation by Data Protection Commission
In a recent development, the Data Protection Commission (DPC) in Ghana is investigating a potential data breach involving MTN Ghana's systems. The breach is said to have affected approximately 5,700 customers during April and May 2025, with personal data potentially exposed.
MTN Ghana, however, has assured its customers that the breach did not affect its core network, billing systems, or mobile money infrastructure. According to the telecommunications company, mobile money wallets remained secure.
The investigation concerns a possible exposure of personal information of some customers. If it's confirmed that personal data was compromised due to negligence, the DPC plans to use its enforcement powers under Ghana's Data Protection Act (Act 843).
The breach has raised significant public concern, with suspicions of insider involvement contributing to scams where fraudsters used detailed transaction histories to trick victims into resetting their Mobile Money (MoMo) PINs, leading to substantial financial losses.
Regulators in Ghana, including the Cyber Security Authority, are actively developing countermeasures such as mandatory multi-factor authentication and biometric verification to enhance mobile money security across the industry. The incident underscores risks to the trust in Ghana's mobile money ecosystem, which processed over GH¢1.9 trillion in 2024, vital for daily commerce and financial inclusion.
The DPC has emphasized the importance of protecting Personal Information and urged institutions to strictly adhere to Act 843, Ghana's Data Protection Act. The public is advised to remain vigilant and verify whether service providers are registered with the DPC.
As of mid-August 2025, investigations continue, and the exact scope and data compromised in the breach have not been fully disclosed. The DPC is working to assess the scope and impact of the potential data breach and plans to release further updates as more details about the breach emerge.
The coordinated regulatory response reflects heightened attention to cybersecurity and fraud risks threatening Ghana's telecom and mobile financial services sectors. The public is urged to stay informed and follow any safety guidelines provided by the DPC and other relevant authorities.
[1] Source: GhanaWeb, Myjoyonline, and other reputable news outlets. [2] Source: Ghana's Data Protection Commission's official statements.
- Despite MTN Ghana's assurance that its core network and mobile money infrastructure were unaffected, the potential data breach has sparked a political discourse about the need for enhanced technology security and adherence to data protection laws.
- The investigation into the MTN Ghana data breach highlights the intersection of technology and politics, as regulators aim to use their enforcement powers under Ghana's Data Protection Act to address potential negligence and preserve public trust in the mobile money ecosystem.
