ProvidusUnity Customers Report Unauthorised Card Charges After Cyberattack

Business

Customers of Providus Bank, which is now branded as ProvidusUnity, say they have experienced unauthorised card charges months after a separate wave of cyberattacks exposed sensitive information at multiple Nigerian public institutions. Several affected account holders described the problem on X on Friday, prompting fresh questions about how breaches translate into financial losses and what regulators have done since earlier investigations began.

Fresh complaints surface after earlier breach disclosures

Customers who reported the issue said the card transactions appeared without their consent, despite the passage of time since the earlier cyber incident. Some customers who asked not to be identified confirmed to DAILY POST that they were affected, while others publicly posted details of the unauthorised activity on their X accounts.

Bank response: internal review planned, no public update yet

When DAILY POST reached out to Providus Bank’s spokesperson, Dafe Ivwurie, he did not directly confirm or deny the claims circulating among customers. In an interview, Ivwurie said the bank would carry out internal checks and respond after completing its review.

  • Ivwurie said the bank would “do some internal investigation” and revert to customers with findings.
  • He also indicated that more information would be provided, though no further update had been published at the time of reporting.

Background: Nigeria’s breach investigations and data-exposure concerns

The new allegations come amid continuing fallout from a broader breach reported earlier in 2026. In March 2026, sensitive information belonging to Sterling Bank, Remita and other organisations was said to have been compromised by hackers. A hacker known as Bytetobreach later published data tied to affected Nigerian public institutions.

Regulators and industry-watchers have also highlighted that the investigative process has not produced a visible conclusion. In April 2026, the Nigeria Data Protection Commission (NDPC) said it had started examining the incident. However, three months after that confirmation, the NDPC had not released the outcome of its investigation, leaving the public with limited clarity on remediation and enforcement actions.

  • In March 2026, Sterling Bank, Remita and other organisations reported data compromise linked to hackers.
  • In April 2026, the NDPC said it had begun an investigation into the breach.
  • As of the time of reporting, three months later, the NDPC had not published the investigation’s results.

After the latest complaints involving ProvidusUnity customers, DAILY POST sought comment from the NDPC. The paper contacted Babatunde Bamigboye, Head, Legal, Enforcement, and Regulations at the NDPC, but he had not responded at the time the report was filed.

Wider cyber-risk picture: breach volume, data sales probes, and online population

The discussion around the ProvidusUnity claims is unfolding against a wider picture of repeated attacks and persistent concerns about how stolen data is traded and monetised. Surfboard, a global cybersecurity firm, said that in the first three months of 2026 alone, Nigeria recorded 281,000 email breaches carried out by hackers.

More recently, the minister of communications, innovation, and digital economy, Bosun Tijani, said in June that he would probe—through the NDPC—the suspected unlawful sale of Nigerians’ data by unauthorised websites. The promise underscores political attention on enforcement and consumer protection as breaches continue to recur.

Meanwhile, telecom and identity figures point to why the risks may be growing. Data from the Nigerian Communications Commission suggests Nigeria has 148,000 active internet users, alongside more than 130 million enrolled national identity numbers out of an estimated population of about 250 million. With a rising share of Nigerians coming online, DAILY POST reports that data breaches are increasingly becoming a routine threat to citizens’ personal information.

  • Surfboard reported 281,000 email breaches in Nigeria in the first three months of 2026.
  • In June, Bosun Tijani said he would investigate through the NDPC the alleged illegal sale of Nigerians’ data by unauthorised websites.
  • The Nigerian Communications Commission data cited 148,000 active internet users, with over 130 million national identity number enrollments from an estimated 250 million population.
  • With more people online, the report says data breaches have become a daily risk to citizens’ information.
Zibuyile Dladla
Zibuyile Dladla
Senior Writer

Zibuyile began her media journey as a sales intern at Mediamark (Kagiso Media) before moving into digital content creation for ZAlebs.com. Over four years, she helped evolve the platform from a simple blog into one of South Africa’s leading independent entertainment news sites.
Following ZAlebs’ transition to Celebrity Worx in 2016, Zibuyile was promoted to Executive Editor, recognized for her sharp audience insight and ability to match editorial with branded content. Highlights of her time include a Bookmark Award nomination, judging TLC’s Next Great Presenter, reporting from the MTV EMAs, and building partnerships with radio stations like YFM, Cliff Central, and Good Hope FM.
Her editorial work also expanded to include fast-growing digital verticals—such as lifestyle tech, online entertainment, and gambling-related content—tailored to evolving reader interests and brand opportunities.

Zalebs