The Nigeria Data Protection Commission (NDPC) has commenced investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank and other entities.
NDPC disclosed this at the weekend Sunday in a statement signed by the Head of Legal, Enforcement and Regulations, Babatunde Bamigboye.
The Commission disclosed that a Notice of Investigation was served on April 1, 2026, in line with its regulatory procedures, adding that relevant parties and individuals have since been cooperating by providing information to aid the probe.
According to the NDPC, the investigation is aimed at ensuring the protection of data subjects through the enforcement of appropriate technical and organisational safeguards.
It noted that the probe would examine key issues, including the types of personal data involved, the nature and scope of the alleged breach, potential risks to affected individuals, and mitigation measures taken where a breach is confirmed.
The National Commissioner of the Commission, Vincent Olatunji, has also directed a broader review of organisations deploying digital payment systems without adequate data protection measures, as required under the Nigeria Data Protection Act, 2023.
The Commission stated that the move forms part of efforts to safeguard the integrity of Nigeria’s data protection ecosystem and ensure compliance with existing regulations.
