There is a strong likelihood of backlash against M-Pesa in Kenya in coming years according to ISC2 MD of EMEA Adrian Davis.
Speaking at the launch of the Trustwave Global Security report, Davis attributed the rise of internet access in Africa to increased attacks against the payments programme.
Davis said: "The changes to technology in areas like Africa will potentially cause a boom in people using the internet to disrupted new technology and information. M-Pesa will be a common target in Kenya."
The Trustwave security report identified that data breach investigations increased 54% in 2013, compared to 2012.
It found that 45% of data thefts involved non-payment card data and e-commerce made up 54% of assets targeted.
Point-of-sale (POS) breaches accounted for 33% of Trustwave investigations.
Trustwave found that the vast majority of companies targeted by attacks are in the US (59%) with 14% in the UK and 11% in Australia.
The US also topped the list of where attacks originated (19%) with China close behind with (18%).
Nigeria was third with 16%, above various other countries all found to house around 5% of attacks.
Human error remains a serious factor in corporate security.
Despite companies spending more than ever on security, Trustwave found that weak or default passwords contributed to one third of security compromises.
High profile data breaches have sparked greater interest in the industry in the last year, most notably the Target POS breach which some analysts say will cost the retailer $500m to $1.1bn and the banks involved $200m.
Robert McCullen, chairman and CEO at Trustwave said: "Security is a process that involves foresight, manpower, advanced skillsets, threat intelligence and technologies. If businesses are not fully equipped with all of these components, they are only increasing their chances of being the next data breach victim."
"As we have seen in our investigations, breaches are going to happen. However, the more information businesses can arm themselves with regarding who are their potential attackers, what those criminals are after and how their team will identify, react and remediate a breach if it does occur, is key to protecting their data, users and overall business."