A coordinated wave of Nigeria ransomware attacks has struck government systems and top financial institutions, exposing serious weaknesses in the country’s digital infrastructure.
Authorities, including the National Information Technology Development Agency (NITDA) and Corporate Affairs Commission (CAC), confirmed that sophisticated cyber actors breached critical systems, triggering outages and suspected data theft.
The fallout forced the CAC to temporarily shut its company registration portal, while the Nigeria Data Protection Commission (NDPC) launched an investigation into the incident.
CAC breach exposes millions of records
At the centre of the crisis is an alleged breach of CAC infrastructure by a threat group known as ByteToBreach.
The attackers reportedly exfiltrated about 25 million documents (750GB), including sensitive corporate records. While roughly 25% were described as routine filings, more than 15 million documents are believed to contain high-value data such as ownership structures and identity information.
Security analysts warn this could fuel identity theft, corporate fraud and blackmail.
Banks, fintechs also hit
The CAC incident is not isolated. The same group has been linked to attacks on Sterling Bank and the government-linked payment platform Remita.
In one case, a misconfigured cloud storage system reportedly exposed terabytes of financial data highlighting how human error can amplify cyber risks.
Industry data suggests Nigerian organisations now face about 4,700 cyberattacks weekly, underlining the scale of the threat.
Cyber threat spreading beyond Nigeria
The attacks mirror a broader global trend. In South Africa, Standard Bank confirmed a breach exposing customer data, while its partner Liberty also reported unauthorised access.
Experts say the pattern shows cybercriminals increasingly targeting financial systems and government databases across Africa.
National security and election risks
Cybersecurity specialists warn the implications go beyond financial loss. With Nigeria preparing for the 2027 elections, systems run by the Independent National Electoral Commission (INEC) could become targets.
Potential threats include ransomware attacks, data manipulation and system disruptions capable of undermining public trust.
Experts warn of “digital sovereignty” crisis
Analysts say the breach exposes deeper systemic failures.
Cybersecurity expert Allen Aliogwo described the incident as a threat to Nigeria’s digital sovereignty, warning that leaked corporate data could allow criminals and even foreign actorsto map critical economic structures.
Other experts blamed outdated systems, weak enforcement, and poor cyber hygiene, calling for urgent reforms including stronger infrastructure, better-trained personnel, and stricter compliance with data protection laws.
NDPC issues nationwide warning
In response, the NDPC has urged organisations to strengthen their defences, recommending measures such as:
- Multi-factor authentication (MFA)
- Zero-trust security architecture
- Continuous system patching
- Cloud and API security upgrades
- Regular vulnerability testing and backups
- Growing economic impact
A recent report by Deloitte estimates Nigeria lost over $3 billion to cybercrime between 2019 and 2025, with annual losses nearing $500 million.
Experts warn that without urgent action, the country’s rapid digital expansion could further increase exposure to cyber threats.
