Major Security Alert As Hackers Hit Nigeria’s Top Agencies
Nigeria’s cybersecurity landscape has entered a more dangerous phase as critical financial and security institutions face increasingly sophisticated cyberattacks.
Nigeria is facing a new wave of dangerous cyberattacks. Major security and financial groups are now the main targets. In the latest incident, the Economic and Financial Crimes Commission (EFCC) was reportedly reporting a major data breach. Sensitive files from the agency appeared on a dark web forum on April 21, 2026.
RELATED: Alleged data breach at CIBN raises fresh cybersecurity and data protection concerns in Nigeria
The leaked dataset was allegedly published by a threat actor linked to a group identifying as “Nullsec Nigeria.” It is said to contain operationally sensitive information, including agent names, phone numbers, code names, and password hashes linked to EFCC personnel.
Sensitive Data Exposed
Security analysts reviewing samples circulating online say the compromised data includes:
Names and contact details of EFCC operatives
Operational aliases and internal identifiers
Password hashes associated with EFCC systems
The inclusion of password hashes significantly heightens the risk of credential cracking, unauthorised access, and impersonation of law enforcement personnel, a risk that escalates with far-reaching security implications.
Risks to National Security
As Nigeria’s leading anti-corruption agency, the EFCC plays a central role in financial crime enforcement. Analysts warn that exposure of its internal data could:
Endanger operatives and their families
Compromise ongoing investigations
Enable suspects to evade arrest or destroy evidence
Undermine public and international confidence in Nigeria’s anti-graft framework
The direct targeting of a law enforcement database marks a troubling shift from opportunistic cybercrime to intelligence-driven institutional attacks.
Patterns of Institutional Attacks:
The EFCC incident follows closely on the heels of a confirmed breach at the Corporate Affairs Commission (CAC), which disclosed unauthorised access to its systems in April 2026. Threat actors claimed to have exfiltrated millions of corporate registration records, forcing CAC to suspend its online registration portal temporarily.
The Nigeria Data Protection Commission (NDPC) subsequently opened investigations under the Nigeria Data Protection Act, highlighting growing regulatory concern over systemic weaknesses in public-sector data protection.
Retaliation from Fraud Groups
The EFCC breach comes amid intensified crackdowns on internet fraud syndicates, commonly referred to as “Yahoo boys.” The agency has disclosed investigations involving thousands of individuals engaged in identity trading and digital fraud, with some cases allegedly aided by insider collusion within financial institutions.
Experts note that this enforcement pressure may be driving retaliatory cyberattacks aimed at disrupting investigations and intimidating institutions.
A Broader Wave of Sophisticated Cyber Intrusions
Reports from the National Information Technology Development Agency (NITDA) indicate that Nigeria is facing coordinated ransomware and data-exfiltration attacks targeting tier-one financial institutions and government agencies.
Cybersecurity assessments suggest Nigerian organisations are now facing thousands of attempted attacks weekly, underscoring the scale and persistence of the threat.
One prolific threat actor, ByteToBreach, has been linked to multiple recent incidents, including attacks on CAC, payment platforms, and commercial banks, with attackers detailing step-by-step system takeovers and large-scale data exfiltration.
The threat is not confined to Nigeria. In Southern Africa, Standard Bank recently confirmed a data breach affecting internal administrative systems, while its insurer, Liberty, disclosed unauthorised third-party access to select data environments. These incidents point to a regional surge in attacks on financial infrastructure.
From Opportunistic Crime to Strategic Digital Warfare
Cybersecurity experts warn that Nigeria’s threat environment has shifted decisively:
From isolated fraud to coordinated institutional breaches
From financial theft to data-driven extortion and sabotage
From individual victims to national infrastructure targets
With the 2027 general elections approaching, analysts caution that institutions such as electoral bodies could become attractive targets if systemic vulnerabilities persist.
The NDPC has issued regulatory advisories to data controllers and processors, citing intelligence suggesting coordinated targeting of financial systems and critical digital infrastructure nationwide. Experts stress that the EFCC and CAC incidents highlight urgent gaps in Nigeria’s Digital Public Infrastructure (DPI), cybersecurity governance, and inter-agency resilience.
Calls are growing for:
Stronger cybersecurity investment across MDAs
Mandatory security audits and penetration testing
Clear incident response and disclosure protocols
Tighter oversight of third-party technology vendors
The Future of Digital Safety
Taken together, the EFCC and CAC breaches signal a sustained campaign against Nigeria’s financial and security institutions. Whether Nigeria can stem this tide will depend on how quickly regulators, security agencies, and policymakers translate warnings into coordinated action.
The attacks are no longer just about stolen data; they are now striking at trust, governance, and national security itself. According to the SBTS Security Operations Centre (SOC) in Abuja, Nigeria is experiencing a dangerous evolution: opportunistic cybercrime is giving way to highly coordinated, intelligence-driven attacks.