What Happened
In August 2025, specifically on August 30, a threat actor known as 888 claimed responsibility for breaching the database of Kolomoni Microfinance Bank (kolomonimfb.com), a Nigerian personal banking app and microfinance institution, exposing approximately 37,546 to 37,800 customer records on leak sites. The compromised data primarily included email addresses, phone numbers, first names, and last names, with no confirmed reports of more sensitive information like passwords or payment details being leaked, though the bank’s privacy policy indicates it collects such data.
