Ghana’s Data Protection Commission (DPC) has said that it is closely monitoring the recent cybersecurity incident at the MTN Group, and if it is discovers that the personal information of any Ghanaians has been compromised to negligence, it will not hesitate to crack the whip.
The MTN Group on Thursday reported that it has been hit by a cybersecurity incident, and even though it core network, billing systems and financial service platform were secure, customer information across some markets have been compromised.
MTN said it had no cause to believe that customer accounts and mobile money wallets have been affected, but still cautioned customers to take precautionary measures for good measures.
MTN has since informed Ghanaian industry regulators such as the National Communications Authority (NCA), the Cybersecurity Authority (CSA) and the DPC about the incident.
A statement, DPC said it has taken note of a potential cybersecurity incident at MTN, adding that while the full scope of the breach is still emerging, it wishes to assure the people of Ghana that it is actively monitoring the situation and engaging closely with MTN Ghana, NCA and CSA.Â
“Should it be determined that the Personal Information of any Ghanaian citizen or resident has been compromised as a result of negligence, the Commission will not hesitate to invoke its enforcement powers under Act 843 to hold MTN Ghana and/or MTN Group accountable,” it warned.
The statement said the Commission wishes to reiterate to the public that the privacy and protection of Personal Information is a fundamental right, and all Data Controllers and Processors operating within Ghana or processing the Personal Information of Ghanaian citizens are expected to adhere strictly to the provisions of Act 843.
It said the Public is reminded that Act 843 legally requires all public and private institutions to register with the Commission, adding that, this registration ensures that these entities are accountable for how they handle Personal Information.
“To safeguard your Personal Information, always check if an institution or service provider you engage is licensed,” the statement said. “We encourage the Public to remain vigilant, adopt recommended digital safety practices, and report any suspicious activity to their service providers and the Commission.”
DPC assured the public that it will provide further updates to the public as the situation at MTN evolves, and also promised to maintain transparency, accountability, and the protection of individual rights in the digital space.
