The National Commissioner/CEO, Nigeria Data Protection Bureau, NDPB, Dr. Vincent Olatunji, has directed commencement of investigations into reports of data privacy breach involving Wema Bank PLC and KC Gaming Networks (Bet Naija), two major data controllers in Nigeria.
This was contained in a statement signed by the Bureau’s Legal, Enforcement & Regulations Lead, Babatunde Bamigboye Esq.
According to the statement, the investigation is in line with Section 37 of the 1999 Constitution and the provisions of Nigeria Data Protection Regulation (NDPR) 2019 – particularly Articles 2.1(2)-(3), 2.6 and Article 4 of the NDPR.
While assuring members of the general public that proper accountability of the data controllers will be ensured, The NDPB CEO disclosed that the investigation is aimed at figuring-out the impact of the breaches on the affected data subjects and the remedial actions taken by the concerned data controllers.
Part of the statement reads: “It will be recalled that sometime in May 2022, some customers of Wema Bank PLC complained of breach of their rights to data privacy and protection by the Bank. This data processing, according to the complaints against the Bank, involves using their personal data to open accounts.
The Bureau is also investigating report of breach of data privacy at KC Gaming Networks. The breach in this case involved alleged external attack on the KC Gaming Networks”.