Chartered Institute of Bankers of Nigeria (CIBN) Database Breached: 250GB Including Member PII, Source Code, and ID Documents Leaked
Threat actor Rabid leaks 250GB CIBN database with member PII, ID documents, and source code.
Summary
The Chartered Institute of Bankers of Nigeria's full database containing over 250GB of sensitive data has been breached and is being sold by threat actor Rabid. The exposed dataset includes member personal information, scanned government-issued identity documents, academic certificates, platform source code, and internal operational documents. The combination of verified identity documents with professional credentials creates significant risk for synthetic identity fraud, credential misuse, and follow-on infrastructure attacks leveraging exposed source code.
Full text
Active Threat Report ID: DWI-2026-0420-24 Critical Severity 250GB of data exposing members of Nigeria's chartered banking body, including scanned identity and academic documents alongside platform source code. High risk of identity theft, credential fraud, and follow-on intrusion. 01 Incident Summary Date & Time2026-04-20 20:14 UTC Threat ActorRabid VictimChartered Institute of Bankers of Nigeria IndustryBanking / Professional Assoc. CategoryData Breach Total Volume250GB+ ScopeFull Database Sale TypeHidden / Gated Access Sample Hostgofile.io PriceUndisclosed NetworkOpen Web Country Nigeria 02 Incident Overview A threat actor going by Rabid is advertising the full database of the Chartered Institute of Bankers of Nigeria (CIBN), the country's apex professional body for the banking and finance industry. Established by an Act of the National Assembly, CIBN is responsible for certifying and regulating professional standards for bankers across Nigeria, and its membership spans executives, mid-career professionals, and students pursuing chartered qualifications in the country's financial sector. The dataset being offered totals over 250GB and is described by the actor as the institute's entire database. According to the listing, the exposed material spans several distinct categories: Member Personal DataNames, email addresses, and full membership records belonging to CIBN members and applicants. Identity DocumentsScanned government-issued ID documents submitted during the membership verification process. Academic CertificatesUniversity statements of result, degree certificates, and professional membership certificates from institutions including the University of Ilorin, Tansian University, and the Institute of Chartered Accountants of Nigeria (ICAN), shown in the sample. Source CodePlatform source code associated with CIBN's online systems, raising the possibility of follow-on attacks against the institute's live infrastructure. Operational DocumentsMembership details and internal documents bundled within the 250GB archive. The combination of scanned identity documents with matching academic credentials is particularly severe. In the Nigerian financial sector, banker certification documents are a recognised part of know-your-customer and employment verification workflows, and a leaked corpus of genuine ID-plus-certificate pairs provides attackers with ready-made templates for synthetic identity fraud, fake professional impersonation, and targeted business email compromise against the banks where these individuals are employed. The simultaneous exposure of CIBN's source code further compounds the risk, as it may reveal authentication logic, internal endpoints, or hard-coded secrets that could enable a second-stage intrusion. 03 Compromised Data Categories Full Names Email Addresses Membership Details Scanned ID Documents University Transcripts Degree Certificates Professional Certificates Platform Source Code Internal Documents 04 Screenshots FIG 01 · Forum listing with 250GB database claim FIG 02 · Sample academic and professional certificates This post is for subscribers on the Plus, Pro and Elite tiers Subscribe Already have an account? Sign In
Indicators of Compromise
- domain — gofile.io