The Nigeria Data Protection Commission (NDPC) has launched an investigation into a suspected data breach linked to Remita Payment Services Ltd, Sterling Bank, and other related entities.
In a Sunday statement signed by Babatunde Bamigboye, Esq., the NDPC’s Head of Legal, Enforcement and Regulations, the Commission issued a formal Notice of Investigation on April 1, 2026, in accordance with its regulatory procedures.
According to the statement, relevant stakeholders and affected individuals are currently cooperating by providing necessary information to aid in resolving the matter.
The statement revealed that the investigation aims to ensure the protection of data subjects through adequate technical and organisational safeguards.
The statement reads, “It will examine key aspects such as the category of personal data involved, the extent and nature of the alleged breach, potential risks to individuals, and any remedial actions taken where violations are established.”
The National Commissioner of the NDPC, Vincent Olatunji, has also directed that organisations operating digital payment platforms without sufficient data protection measures, as required under the Nigeria Data Protection Act 2023, will be scrutinised as part of broader efforts to strengthen trust and accountability within the digital ecosystem.
