Nigeria: 80 Million Citizen Records Leaked on Dark Web

"A cache of over 80 million Nigerian citizen data records is actively circulating on dark web marketplaces, according to disclosures made by Dapo Aruwajoye, CEO and CIO of cybersecurity firm Technyfire, during an…"

A cache of over 80 million Nigerian citizen data records is actively circulating on dark web marketplaces, according to disclosures made by Dapo Aruwajoye, CEO and CIO of cybersecurity firm Technyfire, during an interview on Arise TV. The exposure represents one of the largest aggregated identity data leaks tied to the West African nation and arrives amid a sustained barrage of roughly 4,000 to 4,200 cyber attacks per month against Nigerian digital infrastructure.

What Happened

Threat intelligence monitoring surfaced a massive trove of Nigerian personal records being traded across encrypted dark web channels. Technyfire's leadership confirmed the leak publicly, framing it as the culmination of years of escalating pressure on Nigeria's identity databases by transnational threat actors. The disclosure aligns with broader industry observations that Nigerian fintech, government, and telecom systems have become prime regional targets for organized cybercriminal operations seeking high-volume personally identifiable information (PII) for fraud monetization.

What Was Taken

The exposed dataset reportedly contains over 80 million citizen records. While the full schema has not been publicly enumerated, leaks of this scale and origin typically include:

Full names and dates of birth
National Identification Numbers (NIN) and BVN-adjacent identifiers
Residential addresses and phone numbers
Biometric-linked metadata used for KYC verification
Email addresses and account identifiers

Given Nigeria's population of approximately 220 million, the leaked records could represent more than a third of the citizenry, with disproportionate impact on banked and digitally registered adults.

Why It Matters

This exposure creates an immediate and durable risk to financial security and national sovereignty. Leaked identity data enables adversaries to bypass biometric verification networks, conduct SIM-swap attacks, execute large-scale banking fraud, and impersonate citizens against government services. For defenders operating in or transacting with Nigerian markets, the leak elevates the baseline risk of synthetic identity fraud, account takeover, and social engineering campaigns targeting Nigerian nationals and diaspora populations. The data will also feed downstream fraud operations across the broader West African region for years.

The Attack Technique

A single intrusion vector has not been publicly attributed. However, Aruwajoye's commentary highlights a continuous, industrial-scale assault on Nigerian digital architecture, with automated botnets probing perimeter defenses roughly every 150 seconds. The volume, approximately 24 attacks per hour against the national digital ecosystem, suggests the leaked dataset is more likely the product of aggregated breaches across multiple government, fintech, telecom, and identity-broker systems rather than a single source compromise. Weak API authentication, exposed admin panels, and third-party data processor breaches are consistent with the patterns observed in prior Nigerian incidents.

What Organizations Should Do

Treat Nigerian KYC data as compromised. Re-evaluate identity verification flows that rely solely on NIN, BVN, or static PII. Layer in liveness checks, device intelligence, and behavioral biometrics.
Hunt for credential stuffing and SIM-swap activity. Monitor for spikes in authentication failures, account recovery attempts, and SIM-swap indicators tied to Nigerian customer segments.
Audit third-party data processors. Inventory vendors handling Nigerian citizen data and demand evidence of breach notification, log retention, and access controls.
Strengthen perimeter and API hygiene. Patch externally exposed services, enforce rate limiting on identity-lookup endpoints, and remove orphaned admin interfaces.
Operationalize dark web monitoring. Subscribe to threat intel feeds tracking Nigerian PII listings and pre-position customer communications for confirmed exposures.
Coordinate with Nigerian regulators. Engage with NITDA, NDPC, and the Central Bank of Nigeria on incident reporting obligations and emerging guidance tied to this leak.

Sources: Over 80 million Nigerian Data Records Leak on Dark Web - JolibaLive | The Information Marketplace