Nigeria Data Protection Commission Warns of Coordinated Cyber Attacks on National Infrastructure

The Nigeria Data Protection Commission (NDPC) has issued a formal warning regarding organized cyber attacks aimed at the nation’s financial networks and vital digital systems.

Babatunde Bamigboye, the commission’s Head of Legal, Enforcement and Regulations, urged organizations to immediately bolster their security protocols.

Technical reviews conducted by the commission identified malicious actors targeting core national services. Institutions managing banking, telecommunications, payment gateways, and public-sector cloud systems are at a heightened risk of experiencing significant data leaks and operational failures.

To comply with the Nigeria Data Protection Act of 2023, the commission requires all data controllers and processors to enhance their organizational and technical safeguards. Recommended actions include:

• Appointing certified Data Protection Officers.
• Performing Data Privacy Impact Assessments.
• Enforcing multi-factor authentication and zero-trust security architectures.
• Managing regular system patches and network segmentation.
• Implementing continuous threat monitoring and encryption protocols.

This advisory follows an active investigation into alleged data breaches involving Sterling Bank and Remita Payment Services Ltd. The NDPC is currently analyzing the extent of these compromises to assess the risk to citizens. The agency remains committed to strict enforcement of data protection laws to prevent widespread privacy violations.