In a recent press statement, the National Commissioner of the Nigerian Data Protection Bureau (NDPB), Dr Vincent Olatunji, disclosed that the NDPB in collaboration with the Nigerian Police Force is investigating several companies for alleged data privacy and protection breaches. The companies being investigated include banks, telecommunications firms, gaming companies and online lending companies. According to the Commissioner, the data breaches stem from the lack of due diligence on the part of data controllers in engaging data processors or vendors that have access to the personal data of customers.
In another press statement, the head of legal enforcement and regulations of the NDPB, Mr. Babatunde Bamigboye, disclosed that the NDPB is investigating some Nigerian banks for data breaches based on allegations of unlawful disclosure of banking records to a third party, unlawful access and processing of personal data.
The investigation would cover the data governance practices of all the branches of the affected banks in Nigeria. According to the National commissioner of the NDPB, the Nigeria Inter-Bank Settlement System (NIBSS) had disclosed that over the course of 2020, fraudsters were largely successful in data privacy related attacks. Such level of vulnerability to data breaches, according to the commissioner, was unacceptable and could only be remedied through fool-proof data security and data privacy measures by data controllers and data processors in the industry. The commissioner enjoined organisations to abide by Federal Government circulars and general compliance notices mandating them to send the names/contacts of their Data Protection Officers to the NDPB.
He called for compliance with the Nigerian Data Protection Regulation 2019 by financial institutions and creation of robust data governance systems by such entities. He also stated that enforcement measures will be taken against wilful violators of privacy rights going forward.
You can find more details here: