JamzNG Latest News, Gist, Entertainment in Nigeria
The Nigeria Data Protection Commission (NDPC) has launched an investigation into an alleged personal and financial data breach involving Remita Payment Services Limited and Sterling Bank, raising fresh concerns over cybersecurity vulnerabilities in Nigeria’s digital payments ecosystem.
The commission revealed on Sunday that the investigation, which began on April 1, 2026, is aimed at determining whether sensitive information belonging to millions of Nigerians may have been compromised.
In a statement signed by the Head of Legal, Enforcement and Regulation, Babatunde Bamigboye, the NDPC confirmed that notices of investigation have been served on the relevant organisations, while relevant persons are currently being questioned.
He said: “In line with the commission’s procedure, the notice of investigation was duly served on 1 April 2026. Relevant parties and individuals have provided information with a view to addressing the incident.
“The aim of the investigation is to ensure that data subjects are protected with appropriate technical and organizational measures.”
According to the commission, the investigation will examine the nature and extent of the alleged breach, the categories of data involved, the potential risks to data subjects and the mitigation measures taken if breaches are established.
The National Commissioner and Chief Executive Officer of the NDPC, Vincent Olatunji, has also ordered a broader review of organizations operating in Nigeria’s digital payments space, warning that companies that have not implemented adequate safeguards will face sanctions under the Nigeria Data Protection Act, 2023.
The development follows claims from a suspected cybercriminal identified as “ByteToBreach,” that alleged breaches involved both companies.
The hacker reportedly claimed access to approximately one million customer accounts and thousands of employee records linked to Sterling Bank, including sensitive data such as bank verification numbers, account details, identification documents, transaction history and credit information.
Similar claims have also been made against Remita, a payment gateway widely used for government and private sector transactions.
While the allegations are yet to be officially confirmed by the organizations concerned, the NDPC said the ongoing investigation is part of a broader effort to safeguard the integrity of Nigeria’s data protection framework and ensure compliance across the financial technology ecosystem.
The latest move highlights growing regulatory scrutiny amid rising cases of cyber threats targeting Nigeria’s financial institutions.
In recent enforcement actions, the commission has imposed heavy fines on organizations found guilty of data protection breaches, signaling a tougher stance on compliance.
‘Want to share a story with us? Do you want to advertise with us? Do you need advertising for a product, service or event? Contact us on WhatsApp +2348183319097 Email: platformtimes@gmail.com
We are committed to impactful investigative journalism for human interest and social justice. Your donation will help us tell more stories. Please donate any amount HERE
