The Data Protection Commission (DPC) has announced that it is investigating a potential cybersecurity breach that has led to the unauthorized access of personal information belonging to some customers of telecom giant MTN Ghana.
According to the Commission, MTN has confirmed that while personal data may have been exposed, the breach did not affect its core network, billing systems, or financial services infrastructure.
In a statement issued on Friday, April 25, the Commission disclosed that it is working closely with MTN Ghana, the National Communications Authority (NCA), and the Cybersecurity Authority to ascertain the full extent of the breach.
“The Commission wishes to assure the people of Ghana that it is actively monitoring the situation and engaging closely with MTN Ghana, the National Communications Authority and the Cybersecurity Authority,” the DPC stated.
Should the investigation establish that the breach was a result of negligence, the Commission says it will invoke its enforcement powers under the Data Protection Act, 2012 (Act 843) to hold MTN Ghana and/or its parent company, MTN Group, accountable.
Reiterating its commitment to safeguarding the privacy rights of individuals, the Commission stressed that the protection of personal data is a fundamental right under Act 843 and that all data controllers and processors must strictly adhere to its provisions.
The Commission further reminded public and private sector institutions of their legal obligation to register with the DPC – a measure designed to ensure transparency and accountability in data processing practices.
The DPC says it will continue to update the public as new developments unfold, maintaining its commitment to transparency and the protection of data in Ghana’s digital ecosystem.
Meanwhile, the DPC has urged the public to remain vigilant, observe digital safety practices, and report any suspicious activity to their service providers or the Commission.
Credit:NORVANREPORTS
.