Menu

A new analysis by Surfshark, a cybersecurity company, has revealed a downward trend in user data account leaks in Nigeria in the first quarter of the year. Data breaches in the country decreased by 85% in Q1 2025 compared to the previous quarter.

According to the report shared with Financial Nigeria, Nigeria ranks 34th globally with 119,000 breached accounts. Approximately 1 Nigerian user account was breached every minute in Q1 2025.
        
Surfshark's analysis of data breaches since 2004 shows Nigeria is the 3rd in Sub-Saharan Africa, with 23.2 million compromised user accounts. A total of 7.3 million unique emails were breached from Nigeria. Also, 13 million passwords were leaked together with Nigerian accounts, putting 56% of breached users in danger of account take over that might lead to identity theft, extortion or other cybercrimes. Statistically, 10 out of 100 Nigerian people has been affected by data breaches, according to the analysis.

Globally, the latest data by Surfshark shows a 93% drop from 973.7 million to 68.3 million leaked accounts in Q1 2025. The United States, Russia, India, Germany, and Spain were the countries most affected by breaches.

"In Q1 2025, the number of leaked accounts dropped dramatically, following the alarming surge in breaches seen in 2024, particularly in Q3 and Q4,” said Luís Costa, Research Lead at Surfshark. “Unlike the previous year, which saw compromised data reach record levels, Q1 2025 experienced a sharp decrease in exposed accounts."

"Although the number of vulnerable accounts in all major regions decreased in Q1 2025 compared to the previous quarter, people should remain vigilant. Cyberthreats continue to evolve, and attackers are constantly adapting their tactics. To protect personal and organisational data, it is essential to follow strong security practices, regularly update passwords, enable 2FA (two-factor authentication), and stay informed about potential risks," added L. Costa.
        
In descending order, the 10 most breached countries in Q1 2025 were the US (16.9 million), Russia (4.4 million), India (4.2 million), Germany (3.9 million), Spain (2.4 million), the UK (2.2 million), France (2.1 million), Canada (0.89 million), Argentina (0.79 million), and South Sudan (0.73 million).

The countries with the highest breach density in Q1 2025 (number of leaked accounts per 1,000 residents) were South Sudan (61), Spain (51), the US (49), Germany (46), Slovenia (45), Israel (37), the UK (32), France (32), Russia (30), and Norway (25).

According to Surfshark, a data breach happens when confidential and sensitive data gets exposed to unauthorised third parties.

Elaborating on the methodology of the study, Surfshark said it treated every breached or leaked email address used to register for online services as a separate user account, which may have been leaked with additional information, such as password, phone number, IP address, zip code, and more.

It said the data was collected by its independent partners from 29,000 publicly available databases and aggregated by email address. The data was then anonymised and passed on to Surfshark’s researchers to analyse their findings statistically. Countries with a population of less than one million people were not included in the analysis.

Surfshark’s product offerings include an audited VPN, certified antivirus, data leak warning system, private search engine, and tool for generating an online identity. It has been recognised as a leading VPN by CNET and TechRadar and has also been featured on the FT1000: Europe's Fastest Growing Companies ranking. Headquartered in the Netherlands, Surfshark has offices in Lithuania and Poland.