Nigerian fintech, Flutterwave, has continued to deny mounting claims that its systems were breached and funds stolen.
According to an investigation by local publication, Techcabal, citing three sources, Flutterwave was likely breached two times in March 2023 with an estimated N550 million ($1.17 million) moved from Flutterwave.
According to the report, the perpetrators of the attack allegedly used the fraudulently obtained funds from Flutterwave to buy USDT on the cryptocurrency platform, Binance. This is said to be similar to a previous incident that occurred in February 2023 broken by another publication, Techpoint Africa.
According to Techpoint, hackers had stolen over ₦2.9 billion ($6.48 million) from Flutterwave accounts. Flutterwave took legal action to recover the billions of Naira from several beneficiaries incident, with hundreds of bank accounts reportedly blocked, according to the report.
In the most recent hacks, the three beneficiaries, who were the first accounts to directly receive the diverted funds, claimed they collaborated to fulfill a USDT request that amounted to billions of Naira for a Chinese merchant with whom they had previously done business.
In the process, they sourced most of the USDT but also purchased some from Binance’s open market which expanded the scope of those impacted by the incident.
According to TechCabal, while Flutterwave has denied any loss of funds for either the company or its customers, some cryptocurrency merchants whose accounts were blocked have alleged that Flutterwave filed petitions against them with Nigeria’s anti-graft organization, the Economic and Financial Crimes Commission (EFCC).
According to the report, there are now about 295 people affected by all three incidents whose accounts remain frozen after Flutterwave petitioned the police and the courts to block the accounts in order to begin investigations.
Flutterwave’s head of storytelling and branding, Yewande Akomolafe-Kalu, has said in an interview with Peoples Gazette that some users’ login information was compromised and that the company was not responsible for the security breach.
She added that the company took steps to protect impacted accounts and users by blacklisting compromised accounts once it noticed unusual and suspicious activities.
“There is no hacking,” Ms Akomolafe-Kalu told The Gazette on Sunday. “Monies are intact; customers are fine.”
“We want to confirm that no user lost any funds, and we take pride in the fact that our security measures were able to address the issue before any harm could be done to our users,” a statement by the company stressed.
________________________________________
Follow us on Twitter for the latest posts and updates
Join and interact with our Telegram community
________________________________________
________________________________________
