By Progress Godfrey, ABUJA
The Nigeria Data Protection Commission (NDPC) said it has opened an investigation into an alleged data breach at the Corporate Affairs Commission (CAC) raising fresh concerns over the security of sensitive public databases.
The Commission made this known in a statement on Friday, explaining that the probe, initiated under Section 46(3) of the Nigeria Data Protection Act, 2023, is aimed at safeguarding trust in Nigeria’s economic and digital systems amid growing threats in the cyber space.
Vanguard recalls that major platforms, including Remita and Sterling Bank, have in recent times faced reported cyber threats, reflecting growing pressure on Nigeria’s financial and public digital infrastructure. Also, Corporate Affairs recently raised concerns over suspicious activities targeting its database, heightening fears about the vulnerability of critical national systems to coordinated cyber attacks.
This is even as CAC management has announced a scheduled maintenance on its portal, during which the platform may be temporarily unavailable, while apologising for any inconvenience and urging users to bear with the disruption.
The data protection commission further noted that the threat actors have developed sophisticated methods to compromise data security architecture, including large-scale data exfiltration and cross-platform breaches across interconnected systems.
“The NDPC notes with concern that threat actors in the digital space have devised malicious methods of compromising the data security architecture of key databases. These involve large-scale data exfiltration and cross-platform compromise across interconnected systems,” the statement said.
The National Commissioner and Chief Executive Officer of NDPC, Dr Vincent Olutunji, said he has directed the commission’s technical team to engage relevant authorities and key organisations to strengthen existing data protection measures.
He said, “The investigation of the instant case will, inter alia, cover the procedures and outcomes of access control mechanisms, data privacy impact assessments, vulnerability assessment and penetration testing (VAPT), as well as due diligence on third-party data processors.”
The Commission also reassured the public that Nigeria’s data protection frameworks remain strong despite the reported breach, pointing to the growing adoption of data-driven services.
The NDPC added that ongoing regulatory interventions are designed to sustain public confidence and support continued investment in the digital economy. The Commission added that its actions reflect a broader commitment to strengthening data governance and protecting personal information in an increasingly digital environment.
The post NDPC probes alleged data breach at CAC appeared first on Vanguard News.
