Techpoint Africa has reported that documents available to it indicate some ₦2,949,557,867 has been illegally transferred from the accounts of African fintech unicorn, Flutterwave by hackers.
According to the report, on February 19, 2023, Flutterwave’s legal counsel, Albert Onimole, reported the case to the Deputy Commissioner of Police, State Criminal Intelligence Department, Panti, Yaba, Lagos.
Per Onimole’s letter, the hack on Flutterwave’s accounts occurred about two weeks ago from February 13. He said the money was initially transferred to 28 accounts in 63 transactions. The police were provided with the list of accounts that had received the money, but they could not freeze the funds immediately.
According to Flutterwave, some commercial banks allowed the money to be moved to other accounts, widening the money trail.
Meanwhile, the Legal Officer at Lagos State CID, S. A. Adedesin has filed a suit in the Magistrate Court of Lagos to support Flutterwave’s claims.
The suit is between the Commissioner of Police and the following financial institutions.
- Access Bank
- Providus Bank
- Union Bank
- Keystone Bank
- First City Monument Bank (FCMB)
- Kuda Bank
- Zenith Bank
- First Bank of Nigeria
- Guaranty Trust Bank (GTB)
- United Bank for Africa (UBA)
- Polaris Bank
- Wema Bank
- Union Bank
- Sterling Bank
- Fidelity Bank
- Stanbic IBTC Bank
- VFD Microfinance Bank
- Al-Hayat Microfinance Bank
- Nomba (previously Kudi)
Some accounts have already been frozen
While there are no documents to confirm if the court has ruled on the case, some people have confirmed that their accounts have been frozen in connection to the hack.
A Twitter user said, “I got a mail from my bank saying I’m a 4th beneficiary to this acclaimed fraud money. This was after over five days after a successful trade. My account is locked can’t access fund inside. Pls is this right? It’s unfair I have zero business with flutter wave or the hack.”
Per the motion filed by Adebesin, 107 accounts, including fifth beneficiaries of those accounts, are to be placed on lien/Post-No-Debit (PND).
With the stolen funds distributed across several accounts, which, according to tweets, may or may not have anything to do with the hack, it is not clear at this time who hacked Flutterwave.
Meanwhile, Flutterwave is reportedly preparing to issue an official statement on the hack soon.