The Nigeria Data Protection Commission (NDPC) said it is carrying out an investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank and other entities.
Babatunde Bamigboye, Head, Legal, Enforcement & Regulations, NDPC, conveyed the action in a statement on Sunday.
Notice of Investigation was duly served on the 1st of April, 2026 in line with the Commission’s procedure, he said.
He said relevant parties and individuals have been providing information for the purpose of addressing the incident.
“The aim of the investigation is to ensure that data subjects are protected with appropriate technical and organisational measures. The investigation by NDPC covers, among others, the types of personal data involved, the nature and scope of the alleged breach, the risk to data subjects and the mitigation measures carried out where a breach is confirmed,” he explained.
The Commission’s National Commissioner/CEO, Dr Vincent Olatunji, has directed that organisations that employ digital payment systems without putting in place appropriate technical and organisational measures as mandated under the Nigeria Data Protection Act, 2023 (NDP Act), will also be examined as part of a wider effort to ensure the integrity of the ecosystem.
