The Chartered Institute of Bankers of Nigeria (CIBN) is reportedly at the centre of a major cybersecurity incident following claims that its internal database, estimated at about 250GB, has been compromised and leaked online by an unidentified threat actor.
The alleged breach, which surfaced on underground cybercrime forums, is said to involve a wide range of sensitive institutional and personal data belonging to members of the banking profession.
Preliminary assessments of sample files circulating online indicate that the exposed data may include full names, email addresses, phone numbers, residential and business addresses, membership records, scanned identification documents, certificates, and internal source code linked to digital systems.
While the authenticity and full scope of the dataset have not been independently verified, cybersecurity analysts say the scale of the alleged breach aligns with a growing pattern of attacks targeting financial institutions and professional bodies across Nigeria’s banking ecosystem.
CIBN, established in the early 1960s, plays a key role in regulating banking professionalism and setting ethical and educational standards for the industry. Its membership includes major financial institutions such as the Central Bank of Nigeria and several commercial banks.
The institute has previously warned about rising cyber threats affecting the financial sector, including ransomware attacks, website compromises, and data breaches targeting sensitive financial information.
If confirmed, the incident would add to a growing list of cybersecurity breaches affecting Nigeria’s banking, telecoms, and public sector institutions, where stolen data is often exploited for identity theft and phishing schemes.
CIBN has yet to issue an official statement confirming or denying the breach. However, cybersecurity experts say the situation underscores the need for immediate forensic investigation, member notification, and a comprehensive audit of institutional data protection systems.
Regulatory authorities are also expected to assess the claims as part of broader efforts to address escalating cyber risks within Nigeria’s financial services sector.
