The Nigeria Data Protection Commission (NDPC) has launched an investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank, and other related entities.
In a statement issued on Sunday, the commission explained that the probe was triggered by reports of a suspected cyberattack circulating on dark web forums, where threat actors claimed to have accessed sensitive customer and institutional data.
The NDPC said it had already issued a Notice of Investigation on April 1, 2026, and is currently working to determine the scope of the incident and the potential risks to affected individuals.
“The aim of the investigation is to ensure that data subjects are protected with appropriate technical and organisational measures.
“The investigation by NDPC covers, among others, the types of personal data involved, the nature and scope of the alleged breach, the risk to data subjects and the mitigation measures carried out where a breach is confirmed,” the commission said.
The commission also noted that relevant organisations are cooperating with the investigation, while broader checks are underway to ensure compliance with data protection laws.
