Nigeria Ranks 3rd in Sub-Saharan Africa for Data Breaches in Q1 2025 – Surfshark

At least 119,000 user accounts in Nigeria have been compromised so far in 2025, according to a press release by cybersecurity firm Surfshark. The country ranks 54th globally for breaches in the year’s first quarter.

This marks an 85 per cent decrease from the final quarter of 2024. Still, on average, one Nigerian account has been leaked every minute in 2025.

Surfshark’s analysis shows that 280 accounts are breached per 100 people globally. Additionally, 94 unique email addresses per 100 people have been exposed. The company ranks Nigeria third in Sub-Saharan Africa for total breaches since 2004, with 23.2 million compromised accounts.

Of those, 7.3 million are unique email addresses, meaning the average user’s email has been leaked multiple times. Around 13 million passwords were exposed alongside Nigerian accounts. This puts 56 per cent of affected users at risk of account takeover, identity theft, extortion, or other cybercrimes. Statistically, 10 out of every 100 Nigerians have been reportedly impacted by data breaches.

The most significant company-related data breach in Nigeria this decade occurred in September 2024, when a hacker identified as Addka72424 released a dataset containing 3.3 billion email addresses. Though global, the leak included 2,555,642 Nigerian accounts. The hacker described it as a “small” experiment to show how much data is freely available online.

In Nigeria, though, data breaches dropped by 93 per cent in Q1 2025 compared to the previous quarter. The 10 most breached countries were the United States, Russia, India, Germany, Spain, the UK, France, Canada, Argentina, and South Sudan.

The countries with the highest breach density – measured by leaked accounts per 1,000 residents – were South Sudan, Spain, the US, Germany, Slovenia, Israel, the UK, France, Russia, and Norway.

Although the number of vulnerable accounts in all major regions decreased in Q1 2025 compared to the previous quarter, people should remain vigilant. Cyberthreats continue to evolve and attackers are constantly adapting their tactics,” said Luís Costa, Research Lead at Surfshark.

He said it was essential to follow strong security practices, regularly update passwords, enable two-factor authentication, and stay informed about potential risks to protect personal and organisational data.

Read More: Niger and Iran Sign Security Cooperation Agreement to Combat Transnational Threats

About The Author

Confidence Ubani

author

See author's posts