Despite a dramatic drop in reported data breaches, Nigeria remains alarmingly exposed to cyberattacks, with over 119,000 user accounts compromised in the first quarter of 2025 alone, according to a chilling report by cybersecurity firm Surfshark.
While government officials may celebrate an 85% decline in breaches between Q4 2024 and Q1 2025, experts are warning that complacency could be dangerous. The reality? Cybercriminals are evolving—faster than our defenses.
Nigeria’s Digital Identity Crisis: A Breach Every Few Seconds
The report places Nigeria third in Sub-Saharan Africa for total breaches since 2004, with a staggering 23.2 million compromised accounts. That’s more than the entire population of Lagos and Abuja combined.
In stark terms, 10 out of every 100 Nigerians have already suffered a data breach. And if you think you’re safe because you haven’t noticed anything strange, think again many breaches go undetected until it’s too late.
What does a breach mean? It’s more than just your email being leaked. We’re talking about full names, passwords, home addresses, and financial details information that can fuel identity theft, extortion, phishing scams, and full-blown account hijacks.
Global Hackers, Local Victims
The Surfshark analysis draws from more than 29,000 public databases, revealing that globally, 68.3 million accounts were breached in Q1 2025 alone a drop from 973.7 million in the same period in 2024, but still disturbingly high.
The United States leads with 16.9 million breaches, followed by Russia (4.4 million) and India (4.2 million). Yet Nigeria ranks 54th globally, meaning it still sits uncomfortably high on the cybercrime radar.
More shocking is the finding that 94 unique Nigerian email addresses per 100 people have been exposed at some point. That’s nearly universal exposure, highlighting how little protection the average Nigerian has in the digital space.
The 3.3 Billion Email Leak A Wake-Up Call Ignored?
One of the largest breaches occurred in September 2024, when a hacker operating under the alias Addka72424 leaked 3.3 billion email addresses globally, including 2.5 million belonging to Nigerians.
What did he call it? A “small experiment.” But to the millions of users now at risk, the damage is very real.
If this doesn’t sound alarm bells for Nigerians who store sensitive business data, banking details, and personal documents online, what will?
The Illusion of Safety
Yes, the numbers are down. But Surfshark’s lead researcher Luís Costa warns that this is no time to relax.
“Cyberthreats continue to evolve, and attackers are constantly adapting their tactics,” he said.
In short, the hackers are just getting smarter. Today’s cybercriminal isn’t the hoodie-wearing teenager in a basement; it’s an organised network of digital predators who see your data as currency and Nigeria as an easy target.
What Can You Do?
Costa advises stronger cybersecurity hygiene, such as:
Changing passwords regularly
Enabling two-factor authentication (2FA)
Staying informed about emerging threats
Avoiding unsecured Wi-Fi and suspicious links
Using encrypted password managers and VPNs
Final Thoughts: Nigeria Can’t Afford to Sleep on Cybersecurity
In a country racing toward digitisation where fintech apps, mobile banking, online trading, and remote work are exploding the risk of cyber-enslavement is real.
The internet doesn’t forget and neither do hackers.
If Nigeria is serious about securing its digital future, now is the time for public education, stronger regulations, and better infrastructure to protect its citizens from a war that’s being fought quietly, in the shadows of cyberspace.
Reference
Over 119,000 Nigerians Hacked in 2025 Surfshark Warns Nation Is Still a Cybercrime Hotspot