Nigeria CAC Cyberattack Hits Corporate Registry Systems

In Short

Nigeria’s Corporate Affairs Commission (CAC) has confirmed a cyberattack on its corporate registry systems. The CAC is investigating with support from NITDA, Nigeria’s government IT agency.

What Happened

On April 15, 2026, the CAC said its systems were compromised and that an urgent investigation is underway.

The CAC runs Nigeria’s company registration and filings portal. It is the system businesses use to incorporate, update directors, file statutory returns, and complete other compliance steps.

Officials have not yet said what data was accessed or whether services will be offline for long. The CAC said it is still assessing the scale of the breach.

Why It Matters

A cyberattack on the CAC can slow down business operations across Nigeria. If the portal is down, startups and SMEs can face delays in registrations and required filings, which can block banking, fundraising, and contracting.

The bigger risk is data exposure. If attackers accessed sensitive corporate records, it could enable fraud, identity theft, and targeted scams, for example using company details to impersonate directors or submit false documents.

It also lands in the middle of Nigeria’s push to digitise public services. As more government processes move online, availability and cybersecurity controls, meaning the tools that prevent intrusion and detect suspicious activity, become harder to treat as optional.

The Techpoint Digest that reported the incident also flagged two other policy signals on connectivity. Kenya is tightening regulations on satellite Internet, and South Africa’s communications minister is reportedly not engaging publicly with Elon Musk in the Starlink dispute. Together, these updates point to a region where both cyber resilience and telecom regulation are becoming central to how digital services scale.