Nigeria Records 119,000 Data Breaches in Q1 2025 Amid Global Decline — Surfshark Report
In the first quarter of 2025, Nigeria recorded over 119,000 data breaches, according to a new report from cybersecurity firm Surfshark. The findings, based on the analysis of 29,000 publicly accessible databases, highlight that Nigeria continues to rank among the most affected countries in Sub-Saharan Africa when it comes to leaked data. Alarmingly, Surfshark’s long-term analysis indicates that about 10% of Nigerians have been impacted by data breaches, a situation that raises concerns over the country’s digital vulnerability.
Despite the large number, the report points to a significant 85% decrease in the number of leaked Nigerian accounts compared to the previous quarter, mirroring a broader global trend. Worldwide, there was a staggering 93% year-on-year reduction in leaked accounts, dropping from nearly one billion in Q1 2024 to just 68.3 million in Q1 2025. This trend may reflect improved global cybersecurity practices, though experts caution against complacency.
Nigeria ranked 34th globally for the number of breached accounts, with the United States, Russia, India, Germany, and Spain topping the list. While this ranking may offer some relief, it still places Nigeria high among countries with significant cybersecurity risks. The data also highlights a persistent threat to digital safety, particularly in nations with growing online populations and limited data protection regulations.
According to Luís Costa, Surfshark’s research lead, the decrease in breach numbers is a positive sign but should not lead to a false sense of security. He stressed that cybercriminals continue to evolve their tactics, urging Nigerians and global users alike to adopt stronger digital hygiene. This includes updating passwords regularly, activating two-factor authentication, and staying informed about the latest cyber threats.
Since 2004, an estimated 23.2 million Nigerian accounts have been compromised. The report disclosed that 7.3 million unique emails and 13 million passwords have been exposed. Most concerning is that over half of the affected users face potential risks such as identity theft, extortion, and unauthorized access to personal or financial information. These figures underscore the urgent need for both individual vigilance and systemic improvements in Nigeria’s data protection framework.
Source: Business Day