NIMC Denies Data Breach Allegations, to Prosecute Harvesters
CHIGOZIE AMADI
The National Identity Management Commission (NIMC) denied allegations of a data breach involving sensitive information about Nigerian citizens.
In a statement signed by Kayode Adegoke, Head of Corporate Communications yesterday the commission reassured the public that their data remains secure and has not been compromised.
NIMC emphasised that it has not authorised any website or entity to sell or misuse the National Identification Number (NIN) or any other identity information.
The commission specifically identified several websites including idfinder.com.ng, and Verify. ng, championtech.com.ng, trustyonline.com, and anyverify. Com – as unauthorised data harvesters.
On March 16, there were reports that the website expressverify was monetising the recovery of NINs and personal information from the Nigerian identification database.
The website reportedly had unrestricted access to NINs and personal details of Nigerians registered in the nation’s identity database managed by NIMC.
This incident prompted the Nigeria Data Protection Commission to heighten scrutiny of NIMC licensees after the website breached data protection protocols.
NIMC warned the public to avoid these sites and refrain from providing any personal information, as these platforms are potentially fraudulent and illegally collect data for their services.
“The commission has taken robust measures to safeguard the nation’s database from cyber threats.
“Our secure, world-class, full-proof database is in place, meeting the stringent ISO 27001:2013 Information Security Management System Standard, with annual recertification and strict compliance with the Nigerian Data Protection Law,” said Adegoke
NIMC advised Nigerians to be cautious and avoid sharing their data with unauthorised or phishing sites which pose significant risks of data harvesting and compromise.
The commission reiterated its dedication to maintaining ethical standards in data protection, in alignment with federal government directives and data privacy regulations.
It further clarified that licensed partners or vendors are not permitted to scan or store NIN slips but are only authorized to verify NINs through approved channels.
The commission announced an ongoing collaboration with security agencies to apprehend individuals posing as online vendors who will face legal consequences.
NIMC urged the public to stay vigilant against misinformation and rely on verified sources for accurate updates.
“NIMC remains committed to delivering secure and reliable identity management services and ensuring the highest level of security for its systems and databases, which are deemed critical national assets,” it added.