Mirian Gom 
ABUJA, Nigeria – Nigeria Data Protection Commission launches an investigation into an alleged data breach involving Remita Payment Services Limited, Sterling Bank and other entities, raising concerns over digital security.
The probe follows reports of a suspected cyberattack circulating on dark web forums, where threat actors claim access to sensitive customer and institutional data.
The commission says it issued a Notice of Investigation on April 1, 2026, to determine the scope of the incident and assess risks to data subjects.
“The aim of the investigation is to ensure that data subjects are protected with appropriate technical and organisational measures,” the commission states.
The inquiry will examine the types of personal data involved, the nature of the alleged breach and mitigation steps taken where necessary.
Relevant organisations are already providing information to support the investigation.
NDPC National Commissioner Vincent Olatunji orders a broader review of organisations operating digital payment systems to ensure compliance with the Nigeria Data Protection Act, 2023.
Entities found lacking adequate safeguards will face scrutiny, the commission warns.
Neither Remita nor Sterling Bank has issued an official response.
The development follows a similar probe into global e-commerce platform Temu earlier this year, signalling increased regulatory oversight of Nigeria’s digital ecosystem.
About the Author
Oluwatobi Adu 
