Despite a noticeable decline in data breaches during the second quarter of 2025, Nigeria still recorded over 150,000 compromised user accounts in the first half of the year. This is according to a new cybersecurity report released by Surfshark, a global digital security firm, which highlights that cyber threats remain a major challenge for the country’s digital landscape.

According to the report, Nigeria experienced a 73% drop in data breach incidents from Q1 to Q2, falling from approximately 120,000 cases in the first quarter to 31,800 in the second. While this decline signals some progress, experts caution that the overall number remains alarmingly high and highlights persistent weaknesses in the nation’s digital infrastructure.

Digital Vulnerability Remains a Major Concern

“Today’s digital age requires all of us to share more and more personal information to carry out daily tasks. In the wrong hands, this data can be used to commit identity theft, for targeted scams, or sold on the dark web,” said Sarunas Sereika, Product Manager at Surfshark.

The report underscores how the increasing reliance on digital tools in daily life exposes users to greater risks. From financial platforms and email logins to mobile apps and online marketplaces, Nigerians continue to share sensitive data that, when leaked, can fuel a range of cybercrimes.

Nigeria’s Cybersecurity Ranking in Africa

With a total of 23.3 million compromised accounts since 2004, Nigeria ranks as the third most breached country in Sub-Saharan Africa, following South Africa and Kenya. The Surfshark analysis places special emphasis on the severity of these breaches.

Out of the millions of breached accounts in Nigeria, 13 million had passwords exposed, meaning 56% of affected users face a heightened risk of being targeted for account takeovers, extortion attempts, or full-blown identity theft. The report further notes that approximately 7.3 million unique Nigerian email addresses have appeared in known leak databases.

Statistically, one in ten Nigerians has fallen victim to a data breach, revealing the widespread nature of the issue and underscoring the urgent need for stronger cybersecurity measures across both public and private sectors.

Global Breach Trends Show Rising Threat Levels

Globally, the second quarter of 2025 saw a 34% increase in data breaches. The number of compromised accounts rose from 70 million in Q1 to 94 million in Q2. The United States led the chart with 42.5 million leaked accounts, followed by France with 11.4 million, India with 1.7 million, Germany with 1.3 million, and Israel with 1.2 million.

When adjusted for population size, France recorded the highest breach density, with 172 compromised accounts per 1,000 residents. Israel followed closely with 130, then the United States (123), Singapore (26), and Canada (24). These statistics point to a disturbing trend of intensifying global cyberattacks, affecting both large and small economies alike.

The Mechanics Behind the Breaches

Surfshark’s findings were compiled from data extracted from 29,000 publicly available breach databases. The analysis treated every email address found in these leaks as an individual compromised account. Additionally, several of the leaks included other sensitive personal information such as passwords, mobile numbers, IP addresses, and even postal codes.

The cybersecurity firm clarified that their dataset excluded countries with populations of under one million in order to focus on broader statistical trends in digital threats. The approach offers a macro-level view of cybersecurity vulnerabilities worldwide and highlights the increasing sophistication of hackers and the need for proactive digital defense systems.

Key Recommendations to Curb the Threat

The report concludes with a firm reminder that while data breaches are becoming more frequent and complex, individuals and organizations can still take significant steps to protect themselves. These include:

• Enabling Two-Factor Authentication (2FA): Adds a second layer of verification that makes it much harder for hackers to gain unauthorized access.

• Using Strong, Unique Passwords: Avoid reusing passwords across multiple platforms. A password manager can help users create and store complex login credentials.

• Regularly Updating Passwords: Changing passwords periodically reduces the risk of long-term exposure from undetected breaches.

• Educating Users on Phishing and Scam Tactics: Many breaches begin with social engineering attacks that trick individuals into handing over access.

Sereika emphasized the importance of adapting to the evolving threat landscape. “Cyberthreats are constantly evolving, and attackers are adapting their tactics. Strong security practices remain essential for individuals and organizations alike.”

Conclusion: A Persistent Digital Challenge

While the drop in breach numbers during Q2 offers a glimmer of hope for Nigeria’s digital future, the scale of breaches recorded in just six months makes clear that the country is still grappling with serious cybersecurity issues. With more than 150,000 users compromised and millions more vulnerable, both government agencies and private organizations must take urgent steps to strengthen digital protections.

As the global cyber threat landscape continues to evolve, so too must Nigeria’s strategies for safeguarding its digital economy and protecting its citizens from the growing menace of identity theft, fraud, and data exploitation.