Interswitch Limited is an integrated payment and transaction processing company that provides technology integration, advisory services, transaction processing and payment infrastructure to government, banks and corporate organizations. We can recall that Helios Investment in UK put a lot of money in this company as part of its majority acquisition few years ago. They invested $110m. Yet, this company could not secure its website as it was hacked last week. Can you believe that? Tekedia got hacked but our hosting and security budget every year is $9.92. For a company that got $110m, they should be better! (Anyway, Tekedia was not hacked directly, it was our hosting company (JustHost.com) that was hacked and that affected us).
The hackers might have entered via a hole in the website and defaced both the Nigerian and Ugandan sites of the payment leading processor in Nigeria. The good news is that these hackers rarely cause any harm than display some stupid photos on the affected sites. Otherwise, imagine if they have stolen credit card information. The company confirmed noted nothing like that happened.
Tekedia hopes Nigerian regulators are notified as they do in U.S. when there are security breaches with customer data. Visa, MasterCard and Amex are required by law to inform the government regulators and the companies are also mandated to contact affected customers. Interswitch should make sure government is aware so that they can be policed out of this next time.
That way, we will know that the industry will remain healthy. The low penetration rate of online based payment system in Nigeria will continue to suffer because of cyber crimes and lousy technology solution providers like InterSwitch. Do you know what it means that a payment system provider is disgraced like this? Do you know what it means that a company that should provide consulting services is messed up like this? That tells you that we have no real expert. Most of these guys are simply businessmen with no core. Hope they hire good and qualified guys to run that company. Otherwise, they should get out to avoid poisoning the industry with hackers and avoidable vulnerabilities. We are very disappointed that they have no apology statement on their site, after the mess.