Nigerian Police Arrest Hackers of Microsoft Database

Abuja, Nigeria — December 18, 2025

The Nigerian Police Force has arrested several high-profile cybercrime suspects linked to a coordinated attack on Microsoft’s database systems. The arrests were carried out by the National Cybercrime Centre (NPF–NCCC) in collaboration with the United States Federal Bureau of Investigation (FBI) and the U.S. Secret Service.

According to police spokesperson CSP Benjamin Hundeyin, the suspects used a sophisticated phishing toolkit known as RaccoonO365 to create fake Microsoft login portals. These portals were designed to harvest user credentials and unlawfully access email systems of major corporate, financial, and educational institutions.

How the Operation Unfolded

Microsoft Corporation alerted U.S. authorities to the breach, triggering an international investigation. Intelligence was shared with Nigerian authorities, leading to the arrest of suspects in Lagos and Edo States.

One of the key suspects, Okitipi Samuel, was apprehended and is currently in custody.

The RaccoonO365 phishing kit allowed attackers to mimic Microsoft 365 login pages, tricking users into entering their credentials. These stolen credentials were then used to infiltrate sensitive systems across multiple sectors. This case highlights the growing threat of international cybercrime and the importance of cross-border cooperation. The Nigerian Police emphasized their commitment to digital security and warned that more arrests may follow as investigations continue.