Sterling Bank Hit by Major Data Breach, Exposing Nearly 1 Million Customers’ Sensitive Information
A severe cybersecurity breach at Sterling Bank has left nearly one million customers vulnerable after a dark web hacking group, ByteToBreach, allegedly infiltrated the bank’s systems, compromising a vast trove of personal and financial data. The incident, one of Nigeria’s most significant financial data leaks, has sparked widespread panic among account holders and raised urgent questions about the bank’s security protocols.
The breach, reportedly executed by exploiting a vulnerability in Oracle WebLogic Server, allowed attackers to extract 2.2GB of sensitive data, including Bank Verification Numbers (BVN), NUBAN account details, scanned IDs, transaction histories, and internal credit scores. Over 900,000 customer records and 3,000 employee files including those of top executives were exposed, heightening fears of financial fraud and targeted criminal activity.
Customers have expressed alarm over the potential for "Social Engineering 2.0", a tactic where fraudsters use stolen data to manipulate victims into divulging OTPs and other credentials. The leak of home addresses and identity documents has also raised concerns about physical safety, particularly in a climate where kidnappers and scammers exploit precise personal information.
The Nigeria Data Protection Commission (NDPC) has launched a formal investigation, issuing a Notice of Investigation on April 1, 2026, and expanding its probe to include Remita Payment Services Ltd. due to the interconnected nature of Nigeria’s digital payment ecosystem. Dr. Vincent Olatunji, NDPC’s National Commissioner, has warned of severe penalties under the Nigeria Data Protection Act (2023) for any entity found negligent in safeguarding data.
Critics argue that Sterling Bank’s leadership, under CEO Abubakar Suleiman, may have prioritized corporate initiatives over critical cybersecurity investments, leaving systems vulnerable. Financial analysts describe the breach as a consequence of favoring "optics over operational resilience," emphasizing that robust data protection is a non-negotiable requirement in modern banking.
The fallout extends beyond regulatory scrutiny, with customers reportedly considering mass account closures amid eroded trust. The incident has also ignited a broader debate on Nigeria’s financial sector cybersecurity preparedness, underscoring the need for stronger defenses as digital banking adoption grows.
If confirmed, the breach would mark a monumental failure in oversight, risking long-term reputational damage and a potential collapse of public confidence in Sterling Bank. The outcome of the NDPC’s investigation and the bank’s response will likely shape its credibility for years to come.
Remita Payment Services Ltd. TPRM report: https://www.rankiteo.com/company/systemspecs
Oracle TPRM report: https://www.rankiteo.com/company/oracle-financial-services-software-limited
Sterling Bank TPRM report: https://www.rankiteo.com/company/sterling-bank-plc
"id": "stesysora1775910702",
"linkid": "sterling-bank-plc, systemspecs, oracle-financial-services-software-limited",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '900,000',
'industry': 'Financial Services',
'location': 'Nigeria',
'name': 'Sterling Bank',
'type': 'Bank'},
{'industry': 'Financial Services',
'location': 'Nigeria',
'name': 'Remita Payment Services Ltd.',
'type': 'Payment Services'}],
'attack_vector': 'Exploitation of Oracle WebLogic Server vulnerability',
'data_breach': {'data_exfiltration': 'Yes (2.2GB extracted)',
'number_of_records_exposed': '900,000 customer records, 3,000 '
'employee files',
'personally_identifiable_information': 'Yes (BVN, NUBAN, '
'scanned IDs, home '
'addresses)',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Bank Verification Numbers (BVN)',
'NUBAN account details',
'Scanned IDs',
'Transaction histories',
'Internal credit scores',
'Employee files']},
'description': 'A severe cybersecurity breach at Sterling Bank has left '
'nearly one million customers vulnerable after a dark web '
'hacking group, ByteToBreach, allegedly infiltrated the bank’s '
'systems, compromising a vast trove of personal and financial '
'data. The incident, one of Nigeria’s most significant '
'financial data leaks, has sparked widespread panic among '
'account holders and raised urgent questions about the bank’s '
'security protocols.',
'impact': {'brand_reputation_impact': 'Eroded trust, potential mass account '
'closures',
'data_compromised': '2.2GB of sensitive data',
'identity_theft_risk': 'High (BVN, NUBAN, scanned IDs, transaction '
'histories)',
'legal_liabilities': 'Potential penalties under Nigeria Data '
'Protection Act (2023)',
'payment_information_risk': 'High (NUBAN account details, '
'transaction histories)'},
'investigation_status': 'Ongoing (NDPC investigation)',
'post_incident_analysis': {'root_causes': 'Potential prioritization of '
'corporate initiatives over '
'cybersecurity investments, '
'vulnerability in Oracle WebLogic '
'Server'},
'references': [{'source': 'Nigeria Data Protection Commission (NDPC)'}],
'regulatory_compliance': {'legal_actions': 'Notice of Investigation issued by '
'NDPC',
'regulations_violated': 'Nigeria Data Protection '
'Act (2023)',
'regulatory_notifications': 'NDPC investigation '
'launched on April 1, '
'2026'},
'threat_actor': 'ByteToBreach',
'title': 'Sterling Bank Hit by Major Data Breach, Exposing Nearly 1 Million '
'Customers’ Sensitive Information',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle WebLogic Server vulnerability'}