Nigeria's CAC confirms security breach, advises users to monitor records amid rising cyber threats

Nigeria's Corporate Affairs Commission confirmed a security breach allowing unauthorized access to parts of its system, announced in a statement issued Wednesday (April 15, 2026). The Commission stated that appropriate containment measures have been implemented and additional safeguards are in place, while advising users to monitor their records on the CAC portal and remain cautious of suspicious data requests or communications. CAC has activated response protocols with the National Information Technology Development Agency (NITDA) and other partners to investigate the incident.

This breach affects all Nigerians who use CAC services for business registration, verification, or accessing corporate records - potentially exposing sensitive company data. It comes amid a surge in cybercrime across Africa, with INTERPOL reporting over $3 billion lost to cyber threats between 2019 and 2025. Recent incidents include alleged breaches at Nigerian payment processor Remita and tier-2 lender Sterling Bank in March 2026, and Kenya's M-TIBA healthcare data breach in October 2025 where patient records were leaked on public Telegram channels.

Regulators across the continent are responding: Zambia split its cyber law into separate Security and Crimes Acts in April 2025; South Africa's Information Regulator now mandates online breach reporting with specific disclosure requirements; and Kenyan operators must alert data controllers of potential breaches within 48 hours. For Nigerian businesses and entrepreneurs, this underscores the growing importance of cybersecurity vigilance in daily operations.

Given the rising frequency of cyber threats targeting Nigerian institutions, what specific steps are you taking to protect your business data, verify official communications from agencies like CAC, and prepare for potential security incidents?

SOURCE: https://techcabal.com/2026/04/16/techcabal-daily-kenya-gives-credit-where-its-due/