Bimpe Adebayo

Fresh concerns over data security have emerged after several customers of ProvidusUnity, formerly Providus Bank, reported unauthorised transactions on their payment cards, months after a major data breach affected multiple institutions in Nigeria.

The affected customers took to X on Friday to share their experiences, alleging that money was withdrawn or transactions were carried out on their cards without their authorisation. Some customers who spoke to BrandIconImage on condition of anonymity also confirmed the incidents, raising fresh questions about the security of customers' financial data.

When contacted, the bank's spokesperson, Dafe Ivwurie, said the lender would first investigate the complaints before making any official statement.

“Will do some internal investigation and revert,” he told BrandIconImage.

At the time of filing this report, the spokesperson had yet to provide additional information or confirm whether the reported incidents were linked to any previous cybersecurity breach.

The complaints come just months after a significant cybersecurity incident in March 2026, when hackers compromised sensitive data belonging to several Nigerian institutions, including Sterling Bank and Remita. A hacker identified as Bytetobreach subsequently published sensitive information allegedly obtained from the affected organisations, triggering concerns over the security of customer and institutional data.

Following the breach, the Nigeria Data Protection Commission (NDPC) announced in April that it had commenced an investigation into the incident. However, more than three months later, the commission has yet to make public the outcome of its probe.

BrandIconImage also contacted the NDPC's Head of Legal, Enforcement and Regulations, Babatunde Bamigboye, to seek clarification on the latest complaints by ProvidusUnity customers and whether they could be connected to the earlier breach. However, he had not responded as of the time of publication.

The latest reports add to growing concerns about cybersecurity threats in Nigeria, where cybercriminals have increasingly targeted financial institutions, businesses and government agencies.

According to Surfboard, a global cybersecurity firm, Nigeria recorded approximately 281,000 email breaches during the first quarter of 2026 alone, underscoring the scale of cyber threats facing individuals and organisations across the country.

The Federal Government has also acknowledged the growing challenge. In June, the Minister of Communications, Innovation and Digital Economy, Bosun Tijani, pledged that the government, through the NDPC, would investigate the illegal sale of Nigerians' personal data by unauthorised websites.

As internet adoption continues to rise, concerns over digital privacy and data protection have become increasingly significant. Data from the Nigerian Communications Commission (NCC) indicates that the country has about 148 million active internet users, while more than 130 million Nigerians have enrolled for National Identification Numbers (NIN) out of an estimated population of 250 million.

With a growing share of financial and personal activities now conducted online, cybersecurity experts say stronger data protection measures, timely regulatory action and improved consumer awareness remain critical to safeguarding Nigerians against identity theft, financial fraud and other forms of cybercrime.