EcoCash Regains Control of X Account After Brief Security Breach

HARARE — Zimbabwe's leading mobile money platform, EcoCash, has regained control of its official X account after it was briefly compromised by an unauthorised individual who used the platform to post explicit content and messages claiming responsibility for the breach.

The incident triggered concern among users after unusual posts appeared on the account, including explicit material and statements from an individual alleging that the takeover was intended to expose what he described as weaknesses in EcoCash's security systems. The individual claimed he resorted to hacking the account after allegedly losing US$35 and failing to obtain a refund. However, EcoCash has not commented on those specific claims.

In a statement issued during the incident, EcoCash confirmed that its official X account had been compromised but stressed that the breach was limited to its social media platform and did not affect customer accounts or transaction systems.

The company urged customers to ignore any suspicious messages or posts appearing on the account while efforts were underway to regain access.

During the takeover, the compromised account briefly published unauthorised content, including explicit images and messages that did not originate from EcoCash. Users who follow the account were warned not to engage with or share the posts as the company worked with X to resolve the situation. The incident quickly attracted attention on social media, with screenshots of the unauthorised posts circulating widely before they were removed.

EcoCash later confirmed that it had successfully regained control of the account and removed all unauthorised content. An update issued by the company stated that normal control had been restored and that efforts were continuing to investigate how the breach occurred.

The company reiterated that its core mobile money infrastructure, customer balances, and transaction data remained secure throughout the incident.

Authorities and relevant stakeholders are understood to be investigating the circumstances surrounding the compromise. Cybersecurity experts note that social media account takeovers can occur through various methods, including phishing attacks, credential theft, password reuse, or compromised third-party applications. The incident highlights the growing cybersecurity risks facing organisations that maintain large digital and social media footprints.

EcoCash has advised customers to remain alert and verify information through official channels, particularly following the temporary compromise of the account. The company also encouraged users to report any suspicious activity or messages claiming to originate from EcoCash. While the social media breach caused temporary disruption and reputational concerns, EcoCash maintains that customer funds, transaction records, and internal financial systems were never exposed or compromised. The incident serves as a reminder of the importance of strong cybersecurity practices and account protection measures across all digital platforms.

EcoCash X account hacked