The Nigeria Data Protection Commission (NDPC) has raised alarm over coordinated cyber threats targeting Nigeria’s financial systems and critical digital infrastructure, urging organisations to urgently strengthen their data security frameworks to prevent breaches and disruptions.
In an advisory signed by its Head of Legal, Enforcement and Regulations, Babatunde Bamigboye, the commission disclosed that its technical assessment uncovered activities by suspected threat actors carrying out attacks on key national systems, particularly in banking, telecommunications, cloud services, and public-sector platforms.
The NDPC warned that these sectors are increasingly vulnerable, stressing the need for organisations handling personal data to comply with the Nigeria Data Protection Act 2023 by enhancing both technical and organisational safeguards to protect data subjects.
It recommended measures such as appointing certified Data Protection Officers, conducting Data Privacy Impact Assessments, and implementing advanced security tools including multi-factor authentication, zero-trust architecture, network segmentation, encryption, and continuous system monitoring.
The advisory comes amid an ongoing investigation into an alleged data breach involving Remita Payment Services Ltd and Sterling Bank, with the NDPC vowing to enforce compliance and warning that failure to adopt adequate protections could expose millions of Nigerians to cyber risks and privacy violations.