A Federal High Court in Lagos has issued a landmark order, compelling 54 banks to return N9.3 billion that was fraudulently transferred in a sophisticated cybercrime activity from an unnamed old-generation bank. Justice Deinde Dipeolu delivered this significant judgment on April 15, 2025, following an ex parte motion filed under suit number FHC/L/CS/629/2025.

The Lagos court's directive mandates all financial institutions implicated in the cyberattack to immediately place a 'Post No Debit' restriction on all recipient accounts. Furthermore, they are instructed to commence the immediate return of any available funds to the affected originating bank. According to reports from the plaintiff bank, a severe cybercrime attack was launched on its core banking system on March 23, 2025, leading to unauthorized debits from numerous customer accounts. The substantial sum of N9,329,322,870 was subsequently distributed across accounts held in the 54 recipient financial institutions.

Upon detecting the breach, the originating bank promptly notified all involved financial institutions and initiated an investigation to trace the disbursements. Further details revealed that the stolen funds were wired in multiple batches from the plaintiff bank to primary accounts, then subsequently transferred into other accounts belonging to secondary and tertiary beneficiaries. The court's ruling explicitly requires all affected banks to provide comprehensive details of the implicated accounts, including their balances and amounts already transferred. They must also share all relevant customer data linked to these illicit transactions, such as names and destination accounts.

While ordering the immediate restitution of all recoverable funds to the plaintiff bank, Justice Dipeolu stipulated that restrictions must remain on all accounts that received any portion of the funds until full recovery is achieved, limited strictly to the amount each account received. The court clarified that this ruling applies exclusively to erroneously transferred funds and does not impinge upon other legitimate customer deposits. “For the avoidance of doubt and for clarity, the order is only in respect of funds erroneously transferred and sums salvaged,” the judgment affirmed.

This incident critically underscores the persistent and alarming rise in cybercrime activities targeting Nigerian banks. Despite continuous efforts by financial institutions to fortify their systems and operations through core banking upgrades, these measures appear to have had limited impact. A report by Check Point Software Technologies, a cybersecurity platform provider, indicates that cyberattacks on Nigeria’s banking and financial sector occur at an astonishing rate of approximately 4,718 weekly. This grim reality was further corroborated by a 2024 African Perspectives on Cyber Security Report, which positioned Nigeria as the most vulnerable nation to cyberattacks in Africa, ranking 19th globally as of July 2024.

Additional data from the Nigeria Inter-Bank Settlement System (NIBSS) reveals that fraudsters successfully scammed over 80,658 bank customers in 2023, resulting in a collective loss of N59.33 billion between 2019 and 2023. Beyond individual customers, financial institutions themselves—including commercial banks, fintech companies, and network service providers—suffered losses totaling more than ₦1.1 trillion between 2017 and 2023 due to diverse cyber threats such as hacking, ransomware, and malware attacks. The Economic and Financial Crimes Commission (EFCC) has voiced profound concerns regarding the escalating rate and significant cost of cybercrime in the nation, noting that it accounted for the largest share of 3,455 cases recorded between H2 2023 and H1 2024, with an estimated $500 million lost to this menace in 2022 alone.

In response to this growing threat, proactive strategies are being implemented. The EFCC announced the construction of a Cybercrime Research Centre, a collaborative effort with a Nigerian fintech firm. This centre aims to train a minimum of 500 young Nigerians at a time in cybersecurity and various aspects of cybercrime research, fostering a new generation of digital security experts. Furthermore, Malam Nuhu Ribadu, the National Security Adviser, affirmed that proactive steps are being deployed to enhance and strengthen the country’s digital infrastructure. He highlighted that 85% of Nigeria's AI programs are being developed with the assistance of local vendors, emphasizing the crucial need to embrace the rapid advancements of AI while simultaneously securing Nigeria’s vital digital assets. He cautioned, “As we embark on today’s discussion, let us embrace the opportunity that AI presents, which brings both challenges and opportunities. The challenge is that you never know when you are going to be hit or if you have already been hit.”