Nigeria’s corporate registry, a critical pillar of the country’s business environment, has come under cybersecurity scrutiny following a breach involving unauthorised access to its systems.
The Corporate Affairs Commission (CAC) confirmed that it is currently reviewing a data breach incident that affected limited aspects of its information systems, signalling yet another test of resilience for Nigeria’s growing digital governance infrastructure.
In a statement issued on Wednesday, the Commission disclosed that it detected the intrusion and swiftly activated its internal response protocols.
It is now working with the National Information Technology Development Agency (NITDA) and other relevant stakeholders to assess the scope, origin, and potential impact of the breach.
While CAC maintained that the breach was contained and affected only parts of its systems, it did not specify the exact data accessed or the number of users potentially impacted, leaving critical questions around exposure and risk unanswered.
Users Advised to Take Immediate Action
In response to the data breach incident, the Corporate Affairs Commission has urged users of its portal to adopt precautionary measures, including updating login credentials, monitoring company records for unauthorised changes, and remaining vigilant against suspicious communications.
The advisory reflects growing concerns that compromised data, if accessed, could be exploited for phishing, identity theft, or corporate impersonation schemes targeting registered businesses.
Cybersecurity analysts warn that even limited access to a database as sensitive as CAC’s could expose critical corporate information, including details of directors, shareholders, and registered entities, potentially undermining trust in Nigeria’s business verification systems.
A Broader Pattern of Digital Vulnerabilities
The incident adds to a rising wave of cybersecurity threats affecting both public and private sector platforms in Nigeria, as more government services migrate online without commensurate investment in security infrastructure.
Experts note that the digitisation of public services, while improving efficiency and accessibility—has expanded the attack surface for cybercriminals, making agencies like CAC increasingly attractive targets.
The involvement of NITDA in the ongoing investigation underscores the national significance of the breach, particularly given CAC’s role as the central repository for millions of business records across the country.
Balancing Digital Growth with Cyber Resilience
Despite assurances that its services remain operational and additional safeguards have been deployed, the breach highlights a critical challenge facing Nigeria’s digital economy: how to scale innovation without compromising data integrity.
For stakeholders, the incident reinforces the need for stronger cybersecurity hygiene—from robust password management to continuous monitoring of digital assets.
For policymakers, it raises deeper questions about regulatory enforcement, institutional preparedness, and the urgency of building resilient digital systems capable of withstanding increasingly sophisticated cyber threats.
As investigations continue, the CAC has pledged to provide further updates—while reiterating its commitment to safeguarding the integrity of Nigeria’s corporate registry.
