NDPC Launches Probe Into Alleged Data Breach At CAC

The Nigeria Data Protection Commission (NDPC) has commenced an investigation into a reported data breach involving the Corporate Affairs Commission (CAC), in accordance with Section 46(3) of the Nigeria Data Protection Act, 2023.

The Commission stated that the move underscores its commitment to strengthening trust within Nigeria’s digital economy.

It expressed concern over the growing sophistication of cyber threats, noting that malicious actors are increasingly deploying advanced techniques to compromise critical data infrastructure.

These threats reportedly include large-scale data extraction and coordinated attacks across interconnected digital systems.

As part of immediate regulatory measures, the National Commissioner/CEO of the NDPC, Dr. Vincent Olatunji, has directed the Commission’s technical team to engage relevant authorities and key institutions.

The objective is to reinforce existing safeguards governing the processing and protection of personal data across platforms.

The NDPC further disclosed that the investigation will assess several critical areas, including access control systems, data protection impact assessments, vulnerability testing, and compliance checks on third-party data processors.

These steps are aimed at identifying potential gaps and ensuring adherence to established data protection standards.

Despite the incident, the Commission reassured the public that Nigeria’s data protection framework remains robust and continues to support the growing demand for digital and data-driven services.

The NDPC emphasized that its ongoing actions are essential to maintaining public confidence and encouraging sustained investment in the country’s digital ecosystem.