The Nigeria Data Protection Bureau (NDPB) has initiated an investigation into allegations of data breach against two major Nigerian banks, GTB and Zenith Bank

The probe follows accusations of unauthorized disclosure of banking records to third parties and unlawful access and processing of personal data.

In a statement released on Monday, NDPB’s National Commissioner and CEO, Dr. Vincent Olatunji, stated that the investigation will encompass the data governance practices of the banks across all their branches in Nigeria, as well as extend to third parties involved in data processing activities.

The bureau expressed concern over the lack of implementation of data privacy and protection regulations and best practices within major data controllers in Nigeria.

It urged organizations to comply with federal government directives requiring them to provide the names of their Data Protection Officers/Contacts to the bureau.

According to reports from the Nigeria Inter-Bank Settlement System (NIBSS), fraudsters attempted 46,126 attacks within nine months of 2020, with a success rate of 91%.

NDPB emphasized that such vulnerability to data breaches is unacceptable and can only be mitigated through robust data security and privacy measures.

The statement quoted NDPB’s head of legal enforcement and regulations, Babatunde Bamigboye, who emphasized the importance of financial institutions following the example set by the Central Bank of Nigeria in complying with the Nigeria Data Protection Regulation (NDPR) 2019 and implementing effective data governance systems.