In April 2024, Flutterwave, a leading fintech company, experienced a major security breach where hackers illegally transferred ₦11 billion (approximately $7 million) to various bank accounts.
Some sources suggest the stolen amount could be as high as ₦20 billion ($13.5 million).
Flutterwave acknowledged detecting unauthorized activities on one of their platforms but assured customers that their funds and personal data were not compromised during the incident.
The hackers distributed the stolen funds across several accounts in five different financial institutions over four days, keeping the transfers below the limits that typically trigger fraud detection systems.
Upon discovering the breach, Flutterwave promptly reported the incident to law enforcement and requested the Know Your Customer (KYC) details of the accounts involved.
The affected accounts have been temporarily restricted.
This incident marks the fourth security breach at Flutterwave in fourteen months.
Previous breaches in 2023 involved unauthorized transfers totaling ₦22.45 billion ($30.9 million).
Efforts to identify the account owners may be aided by the Central Bank’s mandate requiring customers to provide a Bank Verification Number (BVN) or National Identification Number (NIN).
In February, Flutterwave obtained a court order to recover funds from identified account holders involved in previous incidents.
Unlike past breaches, this latest incident involved an organized network using a closed-loop system to transfer money between accounts.

