CAC confirms cybersecurity breach exposes millions of Nigerian companies' data
CAC confirmed unauthorized access to limited aspects of its information systems, affecting millions of Nigerian companies' records. The breach was disclosed via the commission's X account on Wednesday, with CAC stating it activated response protocols and is working with NITDA and other agencies to assess scope.
The exposed data includes registration details of millions of businesses, potentially enabling identity theft, fraudulent filings, or misuse of company information. As the breach occurred days after earlier reports of a hack, concerns grow over the security of Nigeria's corporate registry and the vulnerability of SMEs that rely on CAC for legitimacy.
Affected companies should monitor their CAC profiles for unauthorized changes, enable any available security alerts, and consider notifying banks and partners of potential fraud risk. CAC says containment measures are in place and additional safeguards are being deployed, but has not disclosed a timeline for full resolution or whether individual entities will be notified directly. Staying vigilant and verifying official communications from CAC via its verified channels is advised.