The Nigeria Police Force has announced plans to arrest 601 bank customers linked to a significant breach involving Flutterwave, a leading fintech company.
This announcement was made yesterday following an investigation into a technical glitch that allowed unauthorised transactions totalling N21.2 billion ( $21.2 million) between October 12 and 13, 2023.
Read also: Kenya govt fines NCBA Bank for sending customer account statements to ex-wife
Overview of the Flutterwave breach
Flutterwave experienced a serious security issue that permitted point-of-sale (POS) merchants to conduct transactions exceeding their available balances. This incident resulted in over 9,600 unauthorised transactions.
In response, Flutterwave temporarily suspended affected accounts and collaborated with various banks, including Wema Bank, to stop the processing of settlement accounts linked to fraudulent activities. These efforts helped the company recover N7.2 billion from the losses.
A Flutterwave spokesperson stated, “In 2023, we discovered that certain POS device merchants abused their access by conducting unauthorised transactions.”
Authorities said the point-of-sale merchants exploited the breach by sending huge sums of money to family, friends and relatives.
The company has taken proactive measures to resolve this breach and embarked on legal options to recover the lost funds.
Read also: Premier Bank, Mastercard introduce Shari’ah-compliant card system in Kenya
Involved banks and legal actions
The banks implicated in this scandal include Polaris Bank, Sparkle Microfinance Bank, Stanbic IBTC Holdings, Standard Chartered Bank, Union Bank, Unity Bank, and Wema Bank.
The police have requested court orders to freeze accounts associated with the fraudulent activities, emphasising the need for accountability among all parties involved.
The police investigation has focused on the 814 POS merchants involved in the breach, leading to several arrests. Authorities are now extending their efforts to apprehend the 601 account holders suspected of receiving proceeds from these illegal transactions.
A police spokesperson explained, “We have traced funds transferred during the glitch and are now targeting those who benefited from these illegal activities.”
As investigations continue, this incident raises concerns about security protocols within Nigeria’s fintech sector. Experts suggest this situation could be a wake-up call for other financial institutions to bolster their cybersecurity measures.