A recent report by cybersecurity firm Surfshark has revealed that more than 119,000 user accounts in Nigeria have already been compromised in 2025.
This positions Nigeria as the third most affected country in Sub-Saharan Africa for total data breaches since 2004, with a staggering 23.2 million compromised accounts.
According to Surfshark, a data breach occurs when unauthorized parties gain access to user information such as names, email addresses, and passwords. While there was an 85% decline in the number of Nigerian accounts leaked from Q4 2024 to Q1 2025, breaches continue to pose a serious threat. On average, one Nigerian account is compromised every minute in 2025.
The report highlights that of the total affected accounts, 7.3 million involve unique email addresses—indicating that many users have been targeted multiple times. Around 13 million passwords have also been exposed, putting 56% of the victims at risk of account takeovers, identity theft, or other cybercrimes. It’s estimated that 10 in every 100 Nigerians have fallen victim to data breaches.
Globally, the number of breached accounts fell by 93% year-on-year—from 973.7 million in Q1 2024 to 68.3 million in Q1 2025. Despite this, Surfshark warns that 280 accounts are still breached per 100 people worldwide, and Nigeria currently ranks 54th globally for total breaches this year.
The largest known company-related breach in Nigeria this decade took place in September 2024 when a hacker named Addka72424 leaked a global dataset containing 3.3 billion email addresses, including 2.55 million from Nigeria. The hacker claimed it was a “small” experiment to demonstrate the amount of data easily accessible online.
The top 10 countries most affected by breaches in early 2025 were the United States, Russia, India, Germany, Spain, the United Kingdom, France, Canada, Argentina, and South Sudan. Meanwhile, the highest breach density (measured by leaked accounts per 1,000 people) was recorded in South Sudan, followed by Spain and the United States.
Despite the overall decline in breaches, Surfshark’s Research Lead, Luís Costa, emphasized the need for vigilance, noting that cybercriminals are constantly adapting. He recommended adopting best practices such as strong password management, enabling two-factor authentication, and staying informed about emerging threats.
What you should know
Surfshark reports that over 119,000 Nigerian accounts have been breached in 2025, despite a sharp decline in leak rates.
Nigeria ranks third in Sub-Saharan Africa for total breaches and remains vulnerable, with millions of passwords exposed and one account compromised every minute.
ALSO READ TOP STORIES FROM VERILY NEWS
