Nigerian state government leaks personal data of loan applicants on website
Learn More
The Edo State Government in Nigeria inadvertently published sensitive personal information of residents who applied for Micro, Small and Medium Enterprise (MSME) loans on its official website.
The incident involved spreadsheet documents that were uploaded as part of the state's submissions for the World Bank-backed States Action on Business Enabling Reforms (SABER) programme, a $750 million results-based initiative running from 2023 to 2025.
The data exposure was discovered and reported by the Foundation for Investigative Journalism (FIJ), which found that two spreadsheet files containing detailed personal information had been made publicly accessible through the government's website. The documents were originally published in December 2023 as part of Edo State's submissions to demonstrate compliance with program requirements for accessing World Bank funding.
Following FIJ's reporting on the incident, the Edo State Government removed the spreadsheet files from its official website. FIJ confirmed on Friday that the documents were no longer accessible through the government site, and this removal was verified again on Sunday.
One document remains available online through search engine indexing. Exposed data includes:
- Names of loan applicants
- Home addresses
- Bank Verification Numbers (BVNs)
- National Identification Numbers (NINs)
- Dates of birth
- Loan amounts disbursed
- Bank account numbers
At least 147 people are confirmed to be affected, with potentially more individuals affected across both exposed documents. The total number of affected individuals is not disclosed.
Bugie Okhuemoi, Special Adviser on Media and Publicity to Governor Monday Okpebholo, blamed the incident on the previous administration and that "the current government had not assumed control of the said website."
