Nigeria CAC Denies Manipulating DAAR Records After Hack

In Short

Nigeria CAC says it did not manipulate DAAR Communications PLC’s company records after a cyberattack.

What Happened

Nigeria’s Corporate Affairs Commission, CAC, has denied allegations that it altered the official records of DAAR Communications PLC following a recent cyberattack on its systems.

CAC is the government registry that stores core company filings, like directors, shareholding, and statutory documents. These records are what banks, investors, and counterparties often rely on during due diligence, which is a formal background check on a company.

The allegation, according to CAC’s statement as reported by Nairametrics, was that DAAR’s registry information was changed after the intrusion. CAC says the claims are false and that its records for the media company were not manipulated.

Why It Matters

A cyberattack on a corporate registry is not just an IT issue. It can create uncertainty about who controls a company, who can sign documents, and whether filings can be trusted.

For startups and SMEs in Nigeria, CAC data is used for onboarding on fintech and enterprise platforms, opening bank accounts, and supplier verification. If confidence drops, businesses face slower compliance checks, more manual paperwork, and higher risk premiums from lenders and partners.

The incident also lands in the middle of a wider push for stronger incident reporting and controls in Nigeria’s digital economy. That includes clearer post-breach communications and auditable logs, which are timestamped records that show what changed and when.

The Details

CAC’s denial signals it is trying to reassure the market that the integrity of its company database remains intact. The next practical question for operators will be whether CAC publishes more technical specifics, such as the attack window, affected services, and any independent verification of record integrity.