Airtel, MTN Exposed In Third-Party Data Breach

A company integrating mobile money transactions between telecom companies and financial firms in Uganda has been hacked.

Pegasus technologies, the third-party service provider, disclosed that it was hacked on Monday.

Although the company is yet to identify the hackers, the sum of money stolen is also unknown.

Many firms were affected, but the top three include Airtel, MTN and Stanbic bank, the largest banking service in Uganda.

The telecom companies, Airtel and MTN are the biggest victims of the hack.

They control more than 90% of the market and hold an escrow account in Stanbic bank.

What really happened?

On Monday, October 5, the three companies made a joint statement where they stated the impact of the hack.

Reportedly, the incident began on Thursday all through the weekend.

The hack resulted in mobile service suspending all banks to mobile money/ wallet transactions.

The heads of the companies, Anne Juuko, Wim Vanhelleputte, and VG Somasekhar, admitted that there was an incident.

However, they did not give many details on the occurrence.

According to the trio “On Saturday October 3, 2020, a third-party service provider experienced a system incident which impacted Bank to Mobile Money transactions. All Bank to Mobile Money/Wallet services have since been temporarily suspended”.

Also, they added that: “This system incident has had no impact on any balances on both Bank and Mobile Money accounts. Our technical teams are analysing the incident and will restore services as soon as possible. We apologise to all customers for any inconvenience that this has caused and reiterate our commitment to delivering seamless banking and mobile money services.”

READ ALSO: Hackers Can Replicate Your Key By Listening To How They Sound In The Lock

What is Pegasus saying?

Pegasus technologies has not confirmed or denied the hack.

Managing Director of the company, Ronald Azairwe, said that he wasn’t in the best position to comment.

“Sadly I can’t comment on that. I can’t speak about it. [Those affected] should be able to tell you whether it is Pegasus or not,” he said.

Even with the statement of Ronald, a source at one of the affected companies made a report that hackers broke into the system of Pegasus.

Also, a policeman confirmed to have received a report concerning the incident.

He said: “The fraud incident has been reported. We are constituting a team of electronic countermeasures investigators and investigations begin effective tomorrow.”