A cybercrime forum post has raised concerns over a possible data breach involving Remita, a major payment platform used in Nigeria.
A threat actor known as “bytetobreach” claims to have accessed the platform’s cloud systems and stolen large volumes of data.
The alleged leak is said to include millions of sensitive records belonging to users.
According to the post, about 3 terabytes of data were taken from Amazon cloud storage linked to the system.
This reportedly includes over 800GB of Know Your Customer (KYC) files such as passports, IDs, bank statements, utility bills, and photos.
The actor also claims access to internal databases, source code, system logs, and encryption materials described as “government HSM keys.”
Security analysts say the claims point to a possible compromise of cloud storage systems, especially Amazon S3 buckets.
However, they stress that there is no confirmed evidence of a breach yet.
ALSO READ: Paystack acquires Ladder Microfinance Bank, moves into banking
Cyber intelligence platform VulnCheck Exploit & C2 Tracker described the report as “plausible but unverified.”
Experts also note that some of the alleged password data appears linked to older leaks, not necessarily this incident.
No sample of the data has been released for independent verification.
SystemSpecs, the company behind Remita, has not issued any public statement.
Banks and the Central Bank of Nigeria have also not commented on the claims.
The threat actor also linked the incident to a separate case involving Sterling Bank, but this remains unverified.
For now, the report remains an allegation, not a confirmed breach.
If true, it could affect millions of Nigerians who use the platform for payments and government transactions.
Security experts say users should stay alert and monitor their accounts while awaiting official confirmation.