Nigeria Data Protection Commission (NDPC) has commenced an investigation into an alleged data breach at the Corporate Affairs Commission (CAC), in line with provisions of the Nigeria Data Protection Act, 2023.
NDPC
In a statement issued on Thursday, the commission said the probe was initiated pursuant to Section 46(3) of the Act, underscoring the importance of maintaining trust in Nigeria’s digital and economic ecosystem.
The NDPC expressed concern over the increasing sophistication of cyber threats, noting that malicious actors were deploying advanced techniques to compromise data security architecture across key databases.
Read Also: NDPC Probes Digital Loan Operators Over Alleged Data Privacy Violations
According to the commission, such threats involve large-scale data exfiltration and cross-platform compromise across interconnected systems.
The National Commissioner and Chief Executive Officer of the NDPC, Vincent Olatunji, has directed the commission’s technical team to immediately engage with relevant authorities and critical organisations to strengthen existing safeguards for personal data processing.
The commission said the investigation would examine key areas including access control mechanisms, Data Privacy Impact Assessments, Vulnerability Assessment and Penetration Testing (VAPT), as well as due diligence procedures involving third-party data processors.
Also Read: NDPC Warns Content Creators, Social Platforms on Privacy Breaches
It, however, assured the public that Nigeria’s data protection frameworks remain robust, supported by growing adoption of data-driven services across sectors.
The NDPC added that the ongoing regulatory efforts were aimed at sustaining public confidence and encouraging continued investment in the country’s digital economy.
