Dark Web News Analysis
A threat actor on a known cybercrime forum is advertising the alleged sale of a database belonging to Ujay Data (ujaydata.com.ng), a Nigerian Virtual Top-Up (VTU) and data reselling platform. The dataset reportedly contains 65,000 entries and is marked with a “Leak date 2025,” indicating a fresh and active compromise.
Brinztech Analysis:
- The Target: Ujay Data is a popular VTU platform used for buying cheap data, airtime, and paying utility bills. These platforms are prime targets because they aggregate user funds in “wallets” and collect extensive KYC data.
- The Data: The leaked fields are catastrophic for Nigerian users. They reportedly include:
  - National IDs: NIN (National Identification Number) and BVN (Bank Verification Number). In Nigeria, the BVN is the master key to the banking system.
  - Financial Links: Details linking users to specific banks like Kuda Bank, GTBank, Fidelity Bank, PalmPay, and Paylony.
  - Authentication: User IDs, hashed (or cleartext) passwords, and PINs.
- The Threat: The exposure of BVNs alongside phone numbers and dates of birth allows criminals to bypass identity verification, reset banking PINs, and empty accounts via USSD banking channels.
Key Cybersecurity Insights
This alleged data breach presents a critical threat to the Nigerian fintech ecosystem:
- High-Value Financial Data (BVN/NIN): The leak of BVNs is the most critical aspect. This unique identifier links all of an individual’s bank accounts. Criminals use this data for SIM swapping and identity theft to take over bank accounts.
- Targeted Nigerian User Base: The data specifically targets users of Nigerian digital banking services (Kuda, PalmPay). This allows for highly targeted “vishing” (voice phishing) attacks where scammers pose as bank support knowing the victim’s exact transaction history and BVN.
- Professional Monetization: The seller’s acceptance of escrow and use of Telegram suggest an organized effort to sell this data to fraudsters who specialize in Nigerian banking fraud.
- Platform Vulnerability: VTU platforms often rely on third-party APIs (like Paylony) for wallet funding. A breach here could indicate a vulnerability in how these APIs integrate, potentially exposing the API keys used to manage pooled funds.
Mitigation Strategies
In response to this claim, users of Ujay Data and Nigerian fintech customers must take immediate action:
- Protect Your BVN: Users should never share their BVN or any OTP sent to their phone. If you suspect your BVN is compromised, contact your bank to place a “Post No Debit” (PND) or similar restriction on your account until you can verify security.
- Mandatory Password & PIN Reset: Immediately change the password for your Ujay Data account. More importantly, change your transaction PINs for all linked bank accounts (Kuda, GTBank, etc.), especially if you used the same PIN on the Ujay app.
- Enable App-Based 2FA: Switch from SMS OTP to app-based authentication (like Google Authenticator) for your banking apps if supported. This mitigates the risk of SIM swapping.
- Monitor for “NIN Linking” Scams: Be vigilant against phishing SMS claiming your “NIN linking failed” or “BVN needs update.” These are common scams used to harvest the final pieces of data needed for fraud.
Questions or Feedback? For expert advice, use our ‘Ask an Analyst’ feature. Brinztech does not warrant the validity of external claims. For general inquiries or to report this post, please email us: contact@brinztech.com