How A Shadowy Syndicate Breached A Nigerian Telco & Stole Billions In Airtime
A cyber syndicate allegedly stole NGN 7.7 B (approximately USD 5.5 M) from a major telecommunications company by hacking its core systems to divert vast quantities of airtime and mobile data. The Nigeria Police Force announced the arrest of six suspects, revealing a complex fraud that exploited internal vulnerabilities to treat digital airtime like cash.
The scheme began with a critical breach. Investigators found that the criminals gained access not by attacking the company’s external defenses, but by compromising the login credentials of internal staff. This allowed them to infiltrate the telecom’s core billing and payment systems undetected. Once inside, they executed large-scale, illegal diversions of prepaid airtime and data resources.
This fraud highlights a fundamental aspect of Africa’s telecom landscape as prepaid airtime functions as a liquid, digital-currency alternative. The syndicate’s operation essentially involved hacking the “mint” and printing unlimited digital cash, which they could then sell on the retail market for real money.
The scale of the fraud became evident with the arrests and asset seizures. Following a petition from the affected company and weeks of planning, police conducted coordinated raids in Kano and Katsina states in October 2025, with a final arrest in Abuja.
Recovered assets, believed to be proceeds of the crime, painted a picture of a highly organised, large-scale commercial operation. Among items recovered are two residential houses and two mini-plazas in Kano, retail outlets containing over 400 laptops and 1,000 mobile phones, a Toyota RAV4 vehicle, and substantial sums of money traced directly to the suspects’ bank accounts.
The police identified the suspects as Ahmad Bala, Karibu Mohammed Shehu, Umar Habib, Obinna Ananaba, Ibrahim Shehu, and Masa’ud Sa’ad. They are to be charged in court upon the conclusion of the investigation.
Inspector-General of Police Kayode Egbetokun commended the officers of the National Cybercrime Centre for the operation, reiterating a commitment to “safeguard Nigeria’s digital and financial ecosystems”.
The case exposes a critical weak spot for telecoms, which manage vast, easily monetisable digital resources. The breach of internal credentials points to potential failures in cybersecurity protocols and internal controls, allowing a technical exploit to result in one of the largest telecom frauds recently uncovered in Nigeria.
Image Credit: Hurriyet Daily News
