NDPC Probes Alleged Data Breach Involving Remita, Sterling Bank

The Nigeria Data Protection Commission (NDPC) has launched an investigation into an alleged data breach involving Remita Payment Services Ltd., Sterling Bank, and other entities, as part of efforts to safeguard personal data and strengthen compliance within Nigeria’s digital ecosystem.

In a statement issued on Sunday by its Head of Legal, Enforcement and Regulations, Babatunde Bamigboye, the commission said that, in line with its procedures, a Notice of Investigation was duly served on April 1, 2026.

The commission noted that relevant parties and individuals have been providing information to support efforts to address the incident.

According to the NDPC, the investigation aims to ensure that data subjects are adequately protected through appropriate technical and organisational measures.

“The investigation by NDPC covers, among others, the types of personal data involved, the nature and scope of the alleged breach, the risk to data subjects, and the mitigation measures taken where a breach is confirmed,” the statement said.

Meanwhile, the National Commissioner/Chief Executive Officer of the NDPC, Dr Vincent Olatunji, has directed that organisations using digital payment systems without implementing the required technical and organisational safeguards, as mandated under the Nigeria Data Protection Act, 2023, will also be examined.

The commission said this forms part of a broader effort to ensure the integrity and security of Nigeria’s data protection ecosystem.