The Chartered Institute of Bankers of Nigeria (CIBN), the country’s apex professional body for bankers, is reportedly at the centre of a major cybersecurity incident following claims that its internal database estimated at about 250GB has been compromised and leaked online by an unidentified threat actor.

The alleged breach, which surfaced recently on underground cybercrime forums, is said to involve a wide range of sensitive institutional and personal data belonging to members of the banking profession.

According to preliminary assessments of sample files circulating online, the exposed information reportedly includes full names, email addresses, phone numbers, residential and business addresses, membership records, scanned identification documents, certificates, and even internal source codes linked to digital systems.

While the authenticity of the full dataset has not been independently verified, cybersecurity observers note that the scale of the alleged leak is consistent with a growing pattern of attacks targeting financial institutions and professional bodies across Nigeria’s banking ecosystem.

The Chartered Institute of Bankers of Nigeria, established in the early 1960s and chartered to regulate banking professionalism in the country, plays a central role in setting ethical and educational standards for bankers nationwide. It counts major financial institutions, including the Central Bank of Nigeria and commercial banks, among its corporate members.

In recent years, the institute has itself acknowledged rising cyber risks affecting the financial sector, warning that banks and related institutions face increasing exposure to digital attacks, including website hijacking, ransomware threats, and data breaches targeting sensitive financial information. This latest allegation adds to a series of reported cyber incidents involving Nigerian financial institutions, where attackers have increasingly focused on exploiting personal data for identity theft and phishing schemes.

Cybersecurity analysts say Nigeria has witnessed a broader surge in data breaches across banking, telecoms, and government systems, with millions of records reportedly circulating on the dark web in recent years. The alleged CIBN breach, if confirmed, would further highlight vulnerabilities in institutional data protection frameworks and the growing sophistication of cybercriminal operations targeting financial ecosystems.

However, CIBN has not issued an official confirmation or denial regarding the alleged breach. But, the need for immediate forensic investigation, member notification protocols, and a comprehensive audit of the institute’s digital infrastructure cannot be overlooked.

Authorities and data protection regulators are also expected to assess the claims as part of broader efforts to curb escalating cyber threats within Nigeria’s financial services sector.