Peter Ndegwa-led Safaricom PLC has once again landed under sharp criticism. This is after IT guru George Njoroge came forward to report that Ksh61,000 was removed from his M-Pesa account illegally, raising fresh questions about data protection and internal controls at the telecoms giant.
In a detailed post on X, Njoroge expressed doubts that all M-Pesa fraud cases are carried out by outsiders, suggesting that some incidents may point to internal weaknesses.
He explained that after demanding a refund publicly at 8:23 pm, events that followed left him alarmed.
“At 8:23 pm, I publicly demanded an M-Pesa refund. Exactly 14 minutes later, at 8:37 pm, I received a WhatsApp call from someone claiming to be from ‘Safaricom Zuri Online Support’,” part of George Njoroge’s post on X reads.
Zuri is Safaricom’s official customer care platform, a detail that has intensified concerns around the incident.
Njoroge questioned how the caller accessed his contact details so quickly, adding that the situation became even more troubling when sensitive information was mentioned.
“More troubling still, they had access to sensitive details, including my current M-Pesa balance. That information is not publicly accessible and can only come from within the Safaricom PLC,” he stated.
Njoroge warned that any internal leakage of customer data, whether through negligence or collusion, amounts to a serious breach of trust. “If customer data is leaking internally… this is not a minor lapse. It’s a fundamental breach of trust,” he added.
The remarks have placed renewed pressure on Safaricom’s leadership, including CEO Peter Ndegwa, with growing public concern over how securely the company safeguards customer information on a platform that handles millions of transactions daily.
