When Temiloluwa Ogunleye dialled his late mother’s phone number over a year after her death, someone else picked up, even though the SIM card was still in his drawer.
“I was shocked,” he said. “My brother and I hadn’t yet finalised closing her bank accounts.”
Ogunleye is not alone. SIM recycling, the reassignment of phone numbers after long periods of inactivity, has grown to become a digital security threat in the country.
After Bankole Ibukun got a new SIM, she began receiving bank notifications and sensitive information intended for someone else. “I knew how much money was in another person’s account,” she said. “Now imagine if I were a criminal.”
Read also: TransUnion Africa in pact with MTN to create new credit score using phone records
Across social media, Nigerians share similar incidents. “If your Nigerian number was connected to your Nigerian bank accounts for USSD – if you don’t use it for long the network provider can disconnect and sell the number to someone else… but that person would be able to access your money via USSD,” @DrETKandi, based in the UK, tweeted on May 13, 2025, warning diaspora Nigerians who might be unaware.
According to her, the new user of her number had already used the money in her account for airtime. For @vugapella, he kept receiving the bank alert of the previous user.
“It went on for one year. As the new owner of the SIM, I couldn’t reach the person. It has stopped now. That thing is risky,” he tweeted.
@Eemeyrald, added, “Happened to me. They sold my line, and the person stole money from my bank (GTB). I wrote to the bank but haven’t received any answer till date.”
All this pales in comparison to the plight of Anthony Okolie, who was arrested and detained by the Department of State Services (DSS) for 10 weeks for purchasing and using an MTN SIM card that had previously been used and then discarded by Hanan Buhari, the daughter of then-President Muhammadu Buhari, in 2019.
As of April 2025, Nigeria had over 172.95 million active mobile lines. While the Nigerian Communications Commission (NCC) has stoppes updating the number of inactive lines publicly, there were 96.7 million dormant numbers as of February 2023.
Mobile numbers in the country get reassigned when users fail to engage in any revenue-generating activity, such as calls, texts, USSD sessions, or data use, for 360 consecutive days. Once a number is deemed inactive, Mobile Network Operators (MNOs) can recycle it due to the limited pool of valid number combinations.
SIM recycling is not unique to Nigeria. In Nepal, for instance, service providers can reclaim a number after one year of inactivity. In the UK, the dormancy period is shorter, between 30 and 90 days, after which the number becomes eligible for reassignment.
Read also: Bank customers to pay for USSD services with airtime after NCC directive
However, recycled numbers often remain linked to sensitive services previously used by the original owner, including online banking, email, and social media. This can leave new and former users vulnerable to fraud, identity theft, and data breaches. According to the NCC, this presents issues of security and integrity of phone number ownership.
Addressing the problem
To address this, the commission is building a cross-sector platform to track recycled phone numbers and those flagged for fraud, in a bid to protect users from security breaches when phone numbers change hands.
“We are currently working with the CBN, security agencies, and other key stakeholders, with a beta solution already being tested,” a NCC source said.
This new system will collect data on deactivated SIMs, known as churned numbers, and share this information with stakeholders across telecom, banking, and other sectors. It is scheduled for launch in the fourth quarter of 2025, according to multiple sources.
The NCC’s upcoming platform will serve as a centralised directory of recycled and fraud-associated numbers. Service providers will be able to query the system to determine whether a number has a history of fraud or previous ownership, and take appropriate action, such as triggering KYC updates or unlinking accounts.
Read also: NCC begins work on cybersecurity framework to outwit hackers
The commission will host the platform and establish its regulatory and operational framework.
“It will reduce fraud risks and improve our digital and financial services by enabling service providers to proactively detect and act, particularly for high-risk numbers, while updating customer KYC details where applicable,” added another source.
