The National Information Technology Development Agency (NITDA) has called on organisations in Nigeria to stop concealing cyberattack incidents, warning that such practices could expose the wider digital ecosystem to greater risks.
The agency said the recent breach involving a financial institution, which reportedly extended to connected platforms such as Remita, highlights the growing vulnerability of Nigeria’s interconnected digital infrastructure.
The Nigeria Data Protection Commission (NDPC) has since launched an investigation into the incident, which is believed to involve the compromise of sensitive customer data.
Speaking at the GITEX Africa technology event in Morocco, NITDA Director-General, Kashifu Abdullahi, said organisations must prioritise information sharing over secrecy when dealing with cyber incidents.
“Our main focus is deepening synergy among stakeholders,” he said. “The mindset that organisations should hide attacks to protect their reputation must change. They may not need to make incidents public, but they should share intelligence so others can protect themselves.”
He warned that cyber threats are becoming more sophisticated, driven largely by artificial intelligence and the increasing interconnection of digital systems.
According to him, a single breach can quickly escalate beyond one organisation if not properly contained and communicated.
“If one organisation is compromised, it can become a launch pad to attack others,” he said, adding that NITDA is working with relevant government institutions and its supervising ministry to strengthen national cyber resilience.
Meanwhile, the NDPC confirmed that it is actively investigating the alleged data breach to determine the extent of exposure and ensure affected individuals are protected.
The commission said the probe will examine the nature of the breach, the categories of data involved, the level of risk to users, and the response measures taken by the affected organisations.
It also noted that organisations operating digital payment systems without adequate safeguards under the Nigeria Data Protection Act, 2023, would be subject to regulatory scrutiny.
NDPC said the broader objective is to strengthen compliance, protect personal data, and improve trust in Nigeria’s fast-growing digital financial ecosystem.
