The Nigeria Data Protection Commission (NDPC) has revealed that its service portal was targeted by more than 2,000 cyberattack attempts within a single week, underscoring the growing cybersecurity threats facing government institutions.
The National Commissioner and Chief Executive Officer of the NDPC, Dr Vincent Olatunji, disclosed this on Monday during a Technical and Organisational Drill on Data Protection Measures for IT Administrators across Ministries, Departments and Agencies (MDAs) in Abuja.
According to Olatunji, the volume of attacks highlights the urgent need for stronger cyber defences and increased human capacity to safeguard sensitive government data and digital infrastructure.
“Within one week, we experienced more than 2,000 attempts on our service portal. More than 2,000 within one week. You can imagine what that means,” he said.
He explained that cyberattacks are often driven by various motives, including efforts to compromise systems, embarrass public institutions, extort money, or disrupt critical services.
Olatunji noted that government agencies have become attractive targets for cybercriminals as more public services migrate to digital platforms.
“A lot of government organisations are being targeted recently. But I don’t think there’s anyone with any major impact on the economy or citizens’ data. But we don’t have to wait until they have a certain effect before we take action,” he stated.
The NDPC boss linked the growing threat landscape to the Federal Government’s ongoing digital transformation agenda, which aims to improve service delivery through technology.
He recalled that Nigeria’s digitalisation efforts gained momentum following the National Information Technology Policy introduced in 2001, paving the way for digital initiatives and reforms across government institutions.
According to him, the government is intensifying efforts to achieve full electronic governance and seamless interaction between citizens, businesses, and public institutions.
“A major announcement was made last week that will get 35 ministries fully digitalised in Nigeria within the next few weeks. Efforts are already ongoing. Some are fully digitalised already, while others are being encouraged to come on board. Over 100 agencies of government are already being involved in this,” Olatunji said.
He explained that several government agencies have already deployed digital platforms that allow citizens to access services remotely without physically visiting government offices.
Using the NDPC as an example, Olatunji noted that applicants seeking licences from the commission can now complete application processes and make payments online.
However, he warned that increased digital integration also raises exposure to cyber threats.
“The truth is that all these integrations are driven by a lot of technologies developed by private sector organisations. When you move to full integration or when you interact, there is every likelihood that bad actors will target your network,” he said.
To address the challenge, Olatunji called for the development of skilled cybersecurity professionals, describing them as “cyber warriors” capable of defending government systems and protecting citizens’ personal information.
He said the training programme aligns with key pillars of the commission’s strategic roadmap, including human capital development, technology ecosystem growth, and stronger collaboration among government institutions.
The commissioner stressed that data protection measures should be prioritised regardless of an agency’s level of digital maturity.
He reminded participants that government institutions are classified as data controllers under the Nigeria Data Protection Act because they collect, store, and process personal information belonging to citizens and residents.
Olatunji urged MDAs to establish the technical and organisational safeguards required by law to secure their databases and digital platforms.
He also emphasised that technology alone cannot guarantee cybersecurity without trained professionals capable of managing and protecting digital systems.
The NDPC boss disclosed that compliance with data privacy regulations within the public sector has improved significantly in recent years.
“When we started, the level of compliance with data privacy in the public sector in Nigeria was just four per cent. But now we are doing about 20 per cent and even over,” he said.
According to him, many government agencies now make budgetary provisions for data privacy initiatives, including the appointment of data protection officers and deployment of technical security measures.
Olatunji encouraged participants to apply the knowledge gained from the training within their organisations and develop implementation plans that will strengthen compliance and resilience against cyber threats.
He added that the commission has continued to support capacity development through induction programmes, certification courses, and specialised training for data protection officers across MDAs.
The NDPC also plans to extend similar training opportunities to permanent secretaries and other senior government officials to deepen awareness of data protection obligations within the public sector.
In her opening remarks, the Head of Research and Development at the NDPC, Dr Tolulope Pius-Fadipe, said the programme forms part of the commission’s broader strategy to strengthen data privacy architecture across government institutions.
She noted that the training is designed to promote responsible data management, improve public trust, protect the rights of data subjects, and enhance agencies’ ability to secure sensitive information while maintaining critical services during emergencies.






