The report, released Thursday, revealed that over 150,000 Nigerian accounts were compromised in the first half of 2025.
Despite a decline in reported incidents this quarter, Nigeria remains dangerously exposed to cybercrime, with 13 million citizens’ passwords leaked in breaches tracked over the years, according to a new report by cybersecurity firm Surfshark.
The report, released Thursday, revealed that over 150,000 Nigerian accounts were compromised in the first half of 2025. Breaches fell sharply from 119,000 in Q1 to 31,800 in Q2, a 73 percent drop, but Surfshark warned the cumulative toll reflects widespread vulnerability.
“Out of this number, 13 million Nigerian accounts had passwords leaked,” the report stated, noting 56 percent face risks of identity theft, phishing, or extortion.
Since 2004, Nigeria has recorded 23.3 million breached accounts, ranking third in Sub-Saharan Africa after South Africa and Kenya.
“Today’s digital age requires all of us to share more and more personal information to carry out daily tasks. In the wrong hands, this data can be used to commit identity theft, for targeted scams, or sold on the dark web,” said Sarunas Sereika, Surfshark’s product manager.
The firm blamed weak security habits, including password reuse and poor two-factor authentication adoption, for most breaches.