NIMC Denies Data Breach Allegations, to Prosecute Harvesters
The National Identity Management Commission (NIMC) denied allegations of a data breach involving sensitive information about Nigerian citizens.
In a statement signed by Kayode Adegoke, Head of Corporate Communications yesterday the commission reassured the public that their data remains secure and has not been compromised.
NIMC emphasised that it has not authorised any website or entity to sell or misuse the National Identification Number (NIN) or any other identity information.
The commission specifically identified several websites including idfinder.com.ng, and Verify. ng, championtech.com.ng, trustyonline.com, and anyverify. Com - as unauthorised data harvesters.
On March 16, there were reports that the website expressverify was monetising the recovery of NINs and personal information from the Nigerian identification database.
The website reportedly had unrestricted access to NINs and personal details of Nigerians registered in the nation’s identity database managed by NIMC.
This incident prompted the Nigeria Data Protection Commission to heighten scrutiny of NIMC licensees after the website breached data protection protocols.
NIMC warned the public to avoid these sites and refrain from providing any personal information, as these platforms are potentially fraudulent and illegally collect data for their services.
“The commission has taken robust measures to safeguard the nation’s database from cyber threats.
“Our secure, world-class, full-proof database is in place, meeting the stringent ISO 27001:2013 Information Security Management System Standard, with annual recertification and strict compliance with the Nigerian Data Protection Law,” said Adegoke
NIMC advised Nigerians to be cautious and avoid sharing their data with unauthorised or phishing sites which pose significant risks of data harvesting and compromise.