In Q1 2023, Data breaches in Nigeria increased by 64%
In the first quarter of 2023, Nigeria ranked 32nd among the most breached countries in the world, with approximately 82,000 leaked accounts. This represents a 64% increase compared to the previous quarter of 2022, according to a study conducted by Surfshark, an Amsterdam-based cybersecurity firm.
Earlier this year, the Nigeria Data Protection Bureau (NDPB) launched an investigation into data breach allegations involving two Nigerian banks. The NDPB is also currently investigating over 110 companies on similar allegations. The vulnerability to data breaches in Nigeria is considered unacceptable, with reports indicating high rates of successful attacks by fraudsters.
The lack of due diligence by data controllers in engaging data processors or vendors with access to customer personal data has contributed to the abuse and violation of data protection regulations in Nigeria, including the Nigeria Data Protection Regulation (NDPR) and section 37 of the 1999 Constitution.
Experts argue that the management of data collection and protection in Nigeria has received insufficient attention. In the now-defunct Nigeria Data Protection Regulation 2019, there was no obligation for companies to report data breaches. Experts suggest that reporting such incidents would act as a deterrent for poor cybersecurity practices and enhance trust in organizations.
The establishment of the Nigeria Data Protection Bureau (NDPB) was approved by Nigerian President Muhammadu Buhari in February 2022 to strengthen data protection enforcement in the country.
Surfshark conducted the research by collecting data from 29,000 publicly available databases and aggregating it based on email addresses. The location of the email addresses was determined using associated parameters such as domain names, IP addresses, locales, coordinates, currency, or phone numbers. A statistical analysis was then performed on the findings.
Globally, data breaches decreased slightly in the first quarter of 2023, but over 40 million accounts were still breached within that period. The highest number of breaches occurred in Russia, followed by the United States, Taiwan, France, and Spain. The compromised personal information from these breaches poses an increased risk of phishing attacks, fraud, identity theft, and other cybercrimes targeting the affected individuals.
Read more on BenjaminDada
