The Nigeria Data Protection Commission (NDPC) has launched an investigation into an alleged data breach at the Corporate Affairs Commission (CAC).
This was disclosed in a statement signed by NDPC’s Head of Legal, Enforcement and Regulations, Babatunde Bamigboye on Friday.
The probe, initiated under Section 46(3) of the Nigeria Data Protection Act 2023, is aimed at safeguarding public trust and strengthening Nigeria’s digital economy amid growing cyber threats.
NDPC expressed concern over increasingly sophisticated tactics deployed by threat actors, including large-scale data exfiltration and cross-platform compromises affecting interconnected systems.
The National Commissioner of NDPC, Vincent Olatunji, has directed the Commission’s technical team to collaborate with relevant authorities and critical stakeholders to reinforce existing data protection measures.
According to the NDPC, the investigation will examine key areas such as access control mechanisms, Data Privacy Impact Assessments, Vulnerability Assessment and Penetration Testing (VAPT), as well as compliance by third-party data processors.
Despite the reported breach, the Commission reassured the public that Nigeria’s data protection frameworks remain robust, citing increased adoption of data-driven services as evidence of system resilience.
The NDPC noted that ongoing regulatory interventions are essential to sustaining confidence in digital platforms and attracting continued investment in the country’s expanding digital economy.
