Data Breach Scandal: Sterling Bank and CAC Under Fire

A significant data breach scandal has emerged involving Sterling Bank, Remita, and the Corporate Affairs Commission (CAC) in Nigeria. Reports indicate that threat actors gained unauthorized access to sensitive system data across these institutions, raising serious concerns about data protection practices and regulatory compliance.

The breach, linked to hackers identified as Bytetobreach, reportedly compromised credentials on platforms, highlighting risks associated with poor data security practices. The CAC, which oversees Nigeria's central corporate registry, was particularly affected, with sensitive records, including company ownership details, being compromised.

Despite the scale of the incident, the CAC acknowledged the issue and confirmed collaboration with the National Information Technology Development Agency to address the situation. However, the scope of data exposure has sparked debates about whether official disclosures fully reflect the severity of the incident.

This situation raises questions regarding compliance with the Nigeria Data Protection Act 2023, which mandates organizations to notify affected individuals within a specific timeframe following a data breach.