By Spy Uganda
Reports coming in from different sources indicate that at least thirty billion shillings (Ugx30bn) is estimated to have been stolen after anonymous hackers broke into Airtel Mobile Commerce Uganda Limited (Airtel Mobile Money) systems.
The reports that started trending on Saturday evening allege that the hackers gained unauthorized access to the Airtel Money central systems and wired money to bank accounts in various banks connected to the Airtel to Bank Wallet services.
The money was then evacuated via several banking agents across the country as well as mobile money agents.
However, a sudden spike in transactions on the accounts that were previously dormant alerted the banks and Airtel who immediately shut down the Airtel to Bank Wallet services before probing the matter.
Not First Saga
Last year, Buganda Road Court charged and remanded to Kitalya Prison five people over hacking into Airtel Money services and stealing customers’ money.
The suspects, all residents of Kikajjo zone, Namasuba in Wakiso district, defrauded businessman Salim Sserujja of over sh10m by gaining access to his phone through an Airtel Money application without his consent.
A 2020 report by the Police’s Criminal Investigations Directorate (CID) revealed that at least Shs5 billion was fraudulently sent to 877 Airtel Uganda Sim Cards while 755 MTN Sim Cards fraudulently received at least Shs5.5 billion via mobile money. The money was quickly withdrawn by the scammers.
Earlier this year, a one Henry Bukenya lost more than Shs7m when someone stole his mobile phone.
Bukenya wondered how the thieves were able to access his account including the National Identification details.
Airtel Uganda, the company accused, acknowledged receiving the complaint in November 2021 and the actions taken include blocking his account to investigate the allegations.
Airtel Mobile Commerce Uganda Ltd eventually acknowledged the fraud, saying insider connivance enabled it. It added that the culprit was identified and “appropriate action was taken.”
Bukenya was compensated in February 2022.
In the same year, a security breach on a consumer finance aggregator, Pegasus Technologies, compromised the mobile money network in the country. More than Shs10 billion reportedly went up in smoke.
Payment system providers and operators, among which include mobile money operators and aggregators, must within 24 hours notify the Bank of Uganda, the regulator, of suspected or confirmed fraud, security breach, and material service interruptions, according to regulations, provided under the National Payment Systems Act.