When the year finally ends, I think we should gather African tech companies in a room and ask how many of them survived without suffering a single cybersecurity attack.
Itβs becoming that bad. But before you pull a strand out of your hair, please relax; no one got attacked this time. Yet, South Africaβs Information Regulator said there were 2,374 security breaches in the 2024/25 financial year; thatβs about 198 breach notifications popping up in situation rooms every month.
And somehow, it got even worse this year. About 1,947 of those breaches happened from April 2025 to date. Itβs like more talented attackers have been inspired to put on a V for Vendetta mask and become self-described βhacktivists.β That, or these people are just angry.
Across Africa, several companies have suffered direct and third-party breaches this year, including Kenyaβs M-Tiba, which was hit recently, and others like Safaricom, Eskom, and various government agencies across the continent.
In South Africa, telecom companies Cell C and MTN suffered ransomware and data breach attacks. Another report said the countryβs State Security Agency (SSA), its intelligence service (donβt laugh), was possibly attacked by RedNovember, an alleged Chinese state-sponsored group, in September.
The trend is increasingly worrisome, and company executives across industries have been calling for stronger security measures. Yet in an erratic market like Africa, where other concerns such as compliance, product, and marketing often dominate budgets, should tech companies really be paying significantly more for security than for everything else?
