The Nigeria Data Protection Commission has launched an investigation into Remita and Sterling Bank following reports of a potential large-scale data breach.
The regulator said it issued a formal notice of investigation on April 1, 2026, to determine the scope of the alleged incident, the type of data exposed, and risks to affected individuals.
The probe follows online claims by a threat actor known as “ByteToBreach,” who alleged responsibility for breaching systems linked to both organisations. Reports suggest that terabytes of sensitive data, including identity documents, banking details, and internal records, may have been exposed.
The Commission said it is also assessing mitigation steps taken and will ensure adequate protection measures for affected data subjects.
