NDPC Cracks Down on Cybercrime: Probes 17 Major Data Breaches in Nigeria, Recovers N400 Million

The Nigeria Data Protection Commission (NDPC) is actively examining 17 significant cases of data breaches that traverse diverse sectors, including finance, technology, education, consulting, government, logistics, and gaming/lottery. Dr. Vincent Olatunji, the National Commissioner of the NDPC, divulged these details during the observance of Global Data Privacy Day in Abuja, revealing that the commission has received a substantial influx of over 1000 complaints related to data breaches, prompting thorough investigations. Olatunji underscored the impact of these operations by highlighting their contribution of N400 million in revenue to the government.

Olatunji expounded: “Within the realm of complaints and investigations, we have received over 1000 grievances. Following an exhaustive review, we verified 50 cases, and investigations are underway in 17 major instances across diverse sectors such as Finance, Technology, Education, Consulting, Government, Logistics, and Gaming\Lottery, among others. Through remedial actions taken in concluded cases, we have successfully generated over 400 million Naira in revenue for the government.”

In a significant disclosure in June 2023, NDPC announced investigations into several entities, including Zenith, GTB, Fidelity, Leadway Insurance, and Babcock University, for alleged data breaches. By October 2023, the Commission expanded its investigative purview to include Opay, Meta, and DHL for similar allegations. These initiatives underscore Nigeria’s unwavering commitment to data protection, backed by a robust legislative framework and strategic initiatives. Further detailing the landscape, the National Commissioner of NDPC highlighted a notable surge in Data Protection Compliance Organizations, growing from 103 to 163. This surge has resulted in a corresponding uptick in annual audit filings. Olatunji projected an anticipated sector revenue of approximately N6.2 billion, creating around 10,100 jobs within this burgeoning domain.

Olatunji expounded, saying, “In our quest to bolster compliance, we have taken measures to increase the number of Data Protection Compliance Organizations from 103 to 163. Consequently, annual audit filings have surpassed the 2000 mark, with cumulative revenue in the sector estimated at 6.2 billion. Noteworthy is the creation of approximately 10,100 jobs thus far. Nigeria’s inclusion in the Global Privacy Assembly, a consortium comprising around 130 countries, and its active participation in the Network of African Data Protection Authorities (NADPA), serve as testaments to our international recognition and the strides made in the data protection landscape.”

Underscoring the critical need for heightened data privacy and protection awareness, Olatunji announced that a comprehensive and detailed overview of the commission’s progress and future steps will be disseminated through the Nigeria Annual Data Protection Report. This report is slated for release during the Annual Anniversary and Award Ceremony scheduled for February 4, 2024.

Shifting the focus to the broader landscape, the Minister of Communications, Innovation, and Digital Economy, Bosun Tijani, emphasized the imperative of moving beyond punitive fines and redirecting attention toward heightened awareness during Data Privacy Week. Tijani advocated for celebrating companies demonstrating compliance and mitigating a knowledge gap, pointing out the necessity for behavioral change. He additionally shared the government’s strategic initiative to digitize all public services, aiming to capitalize on the advantages of the digital economy while concurrently ensuring the robust protection of citizens’ data.