Third IMPACT Initiative Covers Compliance Audit Returns, Corporate Risk Management
The Nigeria Data Protection Commission hosted the third IMPACT Initiative webinar on April 10, 2026, with 462 participants in attendance. The session addressed Compliance Audit Returns filing under the Nigeria Data Protection Act, standardized CAR templates, and collaboration between organizations and Data Protection Compliance Organisations. Speakers included NDPC officials, legal practitioners, and industry DPOs from Paystack and ICPC.
NDPC Legal Head Babatunde Elected UNCITRAL Rapporteur
The Nigeria Data Protection Commission's Head of Legal, Enforcement and Regulations Department, Babatunde Bamigboye, was elected as Rapporteur of UNCITRAL Working Group on Electronic Commerce at its 70th Session in New York. His nomination was put forward by the US delegation and seconded by Singapore. The Working Group deliberated on Draft Model Legislative Provisions on Contracts for the Provision of Data, aiming to foster stability in global data provision value chains.
NDPC Champions Borderless Digital Finance at Kigali Fintech Forum
The Nigeria Data Protection Commission (NDPC) was represented at the Kigali Fintech Forum hosted by the Rwandan Government, where Barrister Babatunde Bamigboye (Head of Legal, Enforcement and Regulations) served as a panellist on 'Digital Finance Without Borders: Standards, Interoperability, and Trust.' Nigeria was selected as one of nine countries to participate in the Cross-Regulatory Project by Cambridge University's Judge Business School and Financial Innovation for Impact.
NDPC Commissioner Attends IAPP Global Privacy Summit 2026 in Washington
The Nigeria Data Protection Commission (NDPC) Commissioner Dr. Vincent Olatunji led Nigeria's delegation to the IAPP Global Privacy Summit 2026 in Washington, D.C. Dr. Olatunji participated in breakout sessions on 'Governing High-Stakes AI' and 'Age Assurance and Privacy in the Digital Playground,' where he shared insights on Nigeria's ongoing survey on Age Regulation and Online Safety. He also met with Canadian Privacy Commissioner Philippe Dufresne to advance a memorandum of understanding between the two authorities.
NDPC Champions Data Safety at NIGCOMSAT Satellite Week 2026
The Nigeria Data Protection Commission (NDPC) was represented at NIGCOMSAT Satellite Week 2026 by Mr. Olufemi Ibitayo, Head of Finance Management and Control. The event, themed 'Harnessing Space Technology for an Extraordinary Nigeria,' was declared open by Dr. Bosun Tijani, Honourable Minister of Communications, Innovation and Digital Economy. NDPC delivered a goodwill message emphasizing data safety collaboration within the digital ecosystem.
NDPC Commissioner Highlights Nigeria's Digital Economy Data Privacy Progress at Global Summit
Dr. Vincent Olatunji, National Commissioner/CEO of the Nigeria Data Protection Commission, represented Nigeria at the IAPP Global Summit 2026 in Washington, D.C. He participated in a high-level session on data privacy and AI governance in Africa, discussing Nigeria's progress in positioning data privacy as a cornerstone of its digital economy. Dr. Olatunji also led a delegation meeting with Future of Privacy Forum CEO Jules Polonetsky to discuss strategic collaboration on public awareness, capacity building, and technology deployment for compliance and enforcement.
NDPC Discusses Balanced Data Law Approach with U.S. Government Officials in Washington D.C.
Nigeria Data Protection Commission (NDPC) National Commissioner Dr. Vincent Olatunji met with U.S. State Privacy Enforcers and senior U.S. Administration officials at IAPP Data Protection Authority Day 2026 in Washington D.C. Dr. Olatunji presented Nigeria's balanced regulatory approach under the Nigeria Data Protection Act (NDP Act, 2023), emphasizing that the framework protects personal data while supporting digital innovation. The engagement highlighted Nigeria's federal-state coordination in implementing data protection rules uniformly across the country.
NDPC Takes Digital Privacy Campaign to UNIPORT, Sensitizes 300 Students on Data Rights
The Nigeria Data Protection Commission held the third edition of its Digital Privacy Awareness Campaign (DPAC) at the University of Port Harcourt, sensitizing approximately 300 students on data rights and privacy awareness. The event featured presentations on digital footprints, digital rights, and a panel discussion on privacy in the age of AI, social media, and emerging technologies.
NDPC Boss to Corporate Directors: Transition from Passive Oversight to Active Data Stewardship
Dr. Vincent Olatunji, NDPC National Commissioner/CEO, delivered the keynote address at the Chartered Institute of Directors Nigeria Members' Evening 2026 in Lagos. He urged corporate directors to transition from passive oversight to active data stewardship, emphasised compliance with the Nigeria Data Protection Act (NDP Act) 2023, and highlighted the benefits of compliance and consequences of non-compliance. He encouraged directors to embed data protection compliance as a culture within their organisations.
State of Oklahoma Data Breach Notice to Consumers
The Vermont Attorney General's Office posted a data breach notice filed by the State of Oklahoma regarding a security incident that may have compromised consumer personal information. The notice was published on March 27, 2026, and is available on the Vermont AG's security breach notices page. Affected consumers may have received direct notification from Oklahoma state government regarding the breach.
Woodfords Family Services Data Breach Notice to Consumers
The Vermont Attorney General's Office posted a data breach notice from Woodfords Family Services on March 28, 2026. The notice informs Vermont consumers of a security breach affecting personal information. The full notice is available as a PDF document on the AG's security breach notices page.
Advantage Gold Data Breach Notice to Vermont Consumers
Advantage Gold has notified Vermont consumers of a data breach involving personal information. The breach notice, published by the Vermont Attorney General's Office, was issued on March 29, 2026. Affected Vermont consumers are advised to review the notice and monitor their accounts for suspicious activity.
Apache Tomcat and Tomcat Native Multiple Vulnerabilities, CVSS 7.3
CERT-Bund issued security advisory WID-SEC-2026-1038 identifying multiple vulnerabilities in Apache Tomcat and Tomcat Native with a CVSS Base Score of 7.3 (high). Affected versions include Apache Tomcat <9.0.117, <10.1.54, <11.0.21, and Tomcat Native <1.3.7, <2.0.14. An attacker can exploit these flaws to bypass security measures, manipulate data, disclose confidential information, and conduct open-redirect attacks.
Cortex XSOAR Vulnerability, CVSS 8.1, 8th Apr
Cortex XSOAR Vulnerability, CVSS 8.1, 8th Apr
GitLab CE/EE Multiple Vulnerabilities CVSS 8.5 Allow Information Disclosure and Data Manipulation
CERT-Bund issued security advisory WID-SEC-2026-1010 identifying multiple vulnerabilities in GitLab CE/EE versions below 18.9.5, 18.10.3, and 18.8.9. The vulnerabilities carry a CVSS Base Score of 8.5 (high) and a CVSS Temporal Score of 7.4 (high), with remote attack capability confirmed. An attacker could exploit these flaws to disclose information, manipulate data, bypass security measures, cause denial-of-service conditions, or execute cross-site scripting attacks.
Budibase Multiple Critical Vulnerabilities Allow Root Code Execution
CERT-Bund issued security advisory WID-SEC-2026-0990 disclosing multiple critical vulnerabilities in Budibase, an open-source low-code platform. Attackers can exploit these flaws to execute arbitrary code with root privileges, escalate to administrator rights, conduct XSS attacks, manipulate data, cause denial-of-service, or disclose confidential information. CVSS Base Score is 9.6 (critical) and Temporal Score is 8.6 (high). Remote attack is possible.