Nigeria’s Data Breach: NIMC names fraudulent sites, says public info is secure 

Nigeria’s Data Breach: NIMC names fraudulent sites, says public info is secure 

In light of recent allegations of data breaches, the National Identity Management Commission (NIMC) has reassured Nigerians that their personal information remains uncompromised. 

Kayode Adegoke, NIMC’s head of corporate communications, provided this assurance in a statement issued on Saturday, countering claims that sensitive data was being sold online for as little as N100.

Read also: Nigeria to commence issuance of three-in-one ID card

Nigeria’s Data Breach Allegations

The controversy began when Paradigm Initiative, a pan-African social enterprise, reported that national identification numbers (NINs), bank verification numbers (BVNs), and other personal data were sold on a website for as low as N100. Paradigm Initiative specifically identified ‘AnyVerify.com.ng’ as one of the platforms involved in this illegal activity.

Paradigm Initiative’s findings revealed multiple unauthorised websites allegedly selling sensitive data, raising significant privacy and security concerns. The organisation called this development a major breach of fundamental privacy rights, posing risks to individuals and the national economy.

NIMC’s Response to Data Breach

In response, NIMC clarified that it has not authorised any website or entity to sell or misuse the National Identification Number (NIN) or other personal identities. NIMC identified the following unauthorised data harvesters: idfinder.com.ng, Verify.Ng/sign in, championtech.com.ng, trustyonline.com, and anyverify.com.

NIMC urged the public to disregard any claims or services these websites offer, warning that they are potentially fraudulent and collect data for illegal services. The Commission has implemented robust measures to protect the nation’s database from cyber threats, ensuring a secure, world-class system.

NIMC highlighted its compliance with the stringent ISO 27001:2013 Information Security Management System Standard, including annual recertification and Nigerian Data Protection Law adherence. The Commission advised Nigerians to avoid submitting their data to unauthorised or phishing sites, which could lead to data harvesting and compromise individual privacy.

Read also: Nigeria plans new national integrated ID card

The Commission reaffirmed its commitment to ethical data protection standards, which align with federal government directives and data privacy regulations. Licensed partners or vendors are only authorised to verify NINs through approved channels, not to scan or store NIN slips.

NIMC collaborates closely with security operatives to apprehend those masquerading as online vendors. These individuals will face the full extent of the law. The Commission urged the public to remain vigilant against false information and rely on verified sources for accurate updates.

The NIMC remains dedicated to providing secure and reliable identity management, ensuring the highest level of security for national systems and databases. The Commission’s commitment to safeguarding citizens’ data aligns with its mission to maintain a foolproof identity management system.