Nigeria’s Corporate Affairs Commission (CAC) confirmed on April 15 that its systems suffered a cyberattack, triggering an urgent investigation backed by the National Information Technology Development Agency (NITDA).

In a public notice signed by management, the CAC said it had detected unauthorised access to parts of its information systems and had immediately activated response protocols. The agency is now working with NITDA and other government partners to determine the scale of the breach.

Hussaini Ishaq Magaji, CAC registrar-general  leads the commission, which runs the country’s main portal for company registration, name reservation, annual returns and other corporate filings. 

Officials have urged users to update their login credentials and monitor their records as a precaution while the review continues.

The incident comes at a sensitive time for Nigeria’s business environment. The CAC has spent years expanding online services to make it easier and faster to start and run companies, a key part of the country’s ease-of-doing-business reforms. 

Any prolonged downtime or data leak could delay registrations, filings and compliance checks for thousands of businesses, from small startups to large multinationals.

Related News

Security experts and business groups have long warned that rapid digitisation has outpaced cybersecurity defences in many government agencies. If sensitive company details were accessed, the breach could open doors to fraud, identity theft or corporate espionage.

NITDA, the government’s lead agency on technology policy, is supporting the CAC’s response. Its director-general, Kashifu Inuwa Abdullahi, has repeatedly called for stronger national cyber resilience, most recently at GITEX Africa 2026 where he stressed the need for better talent and defences against rising threats.

Nigeria has pushed hard to move public services online since the late 2010s, but analysts say cybersecurity has struggled to keep up. Government databases have become prime targets worldwide for hackers seeking financial gain or disruption.

For now, the CAC says it remains committed to protecting the integrity of the corporate registry and will issue updates as the investigation progresses. 

Businesses across the country are watching closely to see how quickly services resume and whether their data stayed safe. The bigger question is whether this attack will finally force faster, lasting upgrades to Nigeria’s critical digital infrastructure.

Cybersecurity
More from our Technology Column
Read Next

Nigeria’s misdiagnosis crisis drives UNILAG medical college push for diagnostic reform

By Royal Ibeh • April 16, 2026

Royal Ibeh is a senior journalist with years of experience reporting on Nigeria’s technology and health sectors. She currently covers the Technology and Health beats for BusinessDay newspaper, where she writes in-depth stories on digital innovation, telecom infrastructure, healthcare systems, and public health policies.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp