In a landmark ruling, Justice Deinde Dipeolu of the Federal High Court in Lagos has instructed 54 banks to return a total of N9,329,322,870, which was fraudulently transferred by hackers from an unnamed old-generation bank. The judgment, delivered on April 15, 2025, follows an ex parte motion filed in suit number FHC/L/CS/629/2025.
The court ordered the banks to immediately place a Post No Debit (PND) restriction on all accounts that received the illicit funds. It also directed them to commence the immediate return of all available funds to the originating bank.
The plaintiff, an unnamed old-generation bank, reported a breach in its core banking system on March 23, 2025, leading to unauthorised debits from multiple customer accounts. The hackers then dispersed over N9.3 billion across various accounts in 54 financial institutions.
Upon discovering the breach, the affected bank promptly alerted the involved institutions and began tracking the movements of the funds. The investigation revealed that the stolen funds were transferred in multiple tranches from the bank into primary accounts, which were subsequently rerouted to secondary and tertiary beneficiaries.
Justice Dipeolu ruled that the implicated banks must provide detailed information about the accounts involved, including the current balances and amounts already transferred. The banks were also ordered to share customer data related to the transactions, including names and destination accounts.
The court further imposed that restrictions remain on all accounts that received any portion of the stolen funds, with the limitations strictly tied to the amount each account had received. The judge made it clear that the ruling only concerns the erroneously transferred funds, clarifying that it does not affect other customer deposits.
For emphasis, Justice Dipeolu stated, “The order is only in respect of funds erroneously transferred and sums salvaged,” underscoring that the stolen funds rightfully belong to the plaintiff bank, not the customers of the affected banks.
This ruling marks a significant move in ensuring accountability within the Nigerian banking sector, highlighting the importance of safeguarding customer data and preventing cybercrime.