Nigeria’s corporate registry has come under renewed scrutiny following a cybersecurity breach at the Corporate Affairs Commission, raising concerns about the resilience of the country’s digital governance systems. The Commission confirmed that unauthorised access was detected within parts of its infrastructure and that internal response protocols were immediately activated to contain the incident.
The agency disclosed that it is working closely with the National Information Technology Development Agency and other stakeholders to investigate the scope and origin of the breach. While officials insist that only limited aspects of the system were affected, the absence of clarity on what data may have been accessed has left businesses and users uneasy about potential exposure.
In response, the Commission has advised users to update their login credentials, monitor company records for suspicious changes, and remain alert to phishing attempts or fraudulent communications. Cybersecurity experts warn that even partial access to such a database could expose sensitive corporate details, including information about directors and shareholders, creating risks of identity theft and corporate impersonation.
The incident reflects a broader pattern of digital vulnerabilities as Nigeria accelerates the digitisation of public services. While online platforms have improved efficiency, they have also expanded the attack surface for cyber threats. As investigations continue, the breach underscores the urgent need for stronger cybersecurity frameworks, institutional preparedness, and sustained investment in protecting critical national data infrastructure.