NDPC probes Remita, Sterling Bank over alleged customer data breach

Nigeria Data Protection Commission (NDPC) has launched an investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank, and other entities. The probe, which began with a Notice of Investigation served on April 1, 2026, follows reports that threat actors claimed to have accessed sensitive customer and institutional data on dark web forums.

The NDPC statement, signed by Head of Legal, Enforcement and Regulations Babatunde Bamigboye, says the investigation will determine the scope of the incident, the categories of personal data affected, and potential risks to data subjects. The commission will also assess technical and organizational safeguards in place, as well as mitigation measures adopted. National Commissioner Dr. Vincent Olatunji has directed a broader review of organisations using digital payment systems to ensure compliance with the Nigeria Data Protection Act, 2023.

This matters because Remita processes payments for millions of Nigerians—from utility bills to taxes—and Sterling Bank serves millions of customers. A confirmed breach could expose personal details, financial information, and transaction histories, increasing fraud risks and undermining trust in Nigeria's digital payment infrastructure. The investigation follows the NDPC's Temu probe launched in February, signalling heightened scrutiny of data handling practices.

Sterling Bank and Remita have yet to issue official statements. Relevant parties are already providing information to the NDPC. If you use these platforms, monitor your accounts for unusual activity, change passwords, and enable multi-factor authentication where available. The NDPC will announce findings and required remedial actions.

Will you proactively secure your accounts on these platforms, or wait for the investigation to conclude before taking action?

SOURCE: https://www.channelstv.com/2026/04/06/ndpc-probes-remita-sterling-bank-over-alleged-data-breach/