Cellulant Denies Reports Their Database Was Breached

However they confirmed the breach was from a third party


Cellulant, the Kenyan multinational payments company has today clarified that an alleged breach on their database that was shared on Twitter is not true.

“On December 16 2020, a message on Twitter suggested that a Cellulant database may have been compromised and the contents leaked on the Internet,” the company said in the statement.

The said message is a tweet from Security Chronicle which claims that hackers claimed to have a database of Cellulant in a leak forum. The data that was apparently leaked included names, email ID, phone number and hashed passwords.

The company clarified about this alleged security breach mentioned on the tweet.

“Our Cellulant security team has investigated the incident and established the following: Cellulant systems were not breached. All our production and staging systems remain secure. There has been no malicious and/or suspicious activity in our systems. No customer data has been exposed. There is no risk to our customers business or to their users/customers,” they said.

However, the company confirmed that the breach they were talking about was a “test system” that belonged to a third party off shore service provider that is not connected in any way to their systems.

“We continue to monitor and are taking precautionary measures. We take information security seriously and remain committed to strengthening our security controls to ensure our systems and customer data are protected,” Cellulant said.

Data breaches are the stuff of nightmares for companies that hold user data and it is commendable Cellulant acted fast to dispel any mistruths about their system integrity.