Nigeria’s Economic and Financial Crimes Commission (EFCC) has been hit by a cyberattack, with threat actors operating under the name “Nullsec Nigeria” leaking sensitive internal data linked to the agency.
The breach surfaced on April 21 on a dark web forum, where a user identified as “ki4t,” reportedly affiliated with the group, published details of the dataset.
The exposed data is said to include agent names, phone numbers, operational code names, and password hashes tied to EFCC personnel. Security analysts warn that the presence of password hashes sharply increases the risk of credential compromise, unauthorized system access, and possible impersonation of operatives.
The implications are serious. Exposure of EFCC personnel data raises safety concerns for operatives and their families, threatens ongoing investigations, and undermines confidence in Nigeria’s anti-corruption efforts.
The direct targeting of a law enforcement database marks a troubling escalation with national security consequences.
This breach follows a similar incident involving the Corporate Affairs Commission (CAC), which confirmed unauthorized access to its systems in April 2026. The intrusion reportedly exposed sensitive corporate registration data, with threat actors claiming to have extracted millions of company records.
Authorities initiated a security review, while the Nigeria Data Protection Commission opened an investigation under the Nigeria Data Protection Act.
Together, the EFCC and CAC incidents point to a sustained wave of cyber intrusions targeting critical Nigerian systems. Attackers are believed to be using a mix of scraping, phishing, and database exploitation to extract high-value data.
“Nullsec Nigeria” is suspected to be a loosely coordinated threat actor or alias behind multiple recent breaches, though its structure and motives remain unclear.
Attention is now on regulators and security agencies as pressure mounts for stronger defenses.
