Following allegations of exposure of sensitive data of citizens, the National Identity Management Commission (NIMC) has assured the public that the data of Nigerians has not been compromised
NIMC gave the assurance in a statement signed by its head of corporate communications, Kayode Adegoke, on Saturday.
Paradigm Initiative, a pan-African social enterprise, had on Thursday raised an alarm over its discovery of the sale of national identification numbers (NINs), bank verification numbers (BVNs), and other personal data of Nigerians on a website for as low as N100.
The organisation claimed that a website known as ‘AnyVerify.com.ng’ was found to be involved in the commercial distribution of personal and private data of Nigerians.
It noted that several unauthorised websites claim to hold and provide access to sensitive personal and financial data of Nigerian citizens “for as little as 100 Naira”.
“This alarming development presents a major breach of the fundamental rights to privacy, a breach of data privacy rights, and poses significant risks to individuals and the national economy,” the organisation stated.
Reacting to the report, NIMC said that it has not authorised any website or entity to sell or misuse the National Identification Number (NIN) amongst all the identities.
According to the Commission, idfinder.com.ng; Verify. Ng/sign in, championtech.com.ng, trustyonline.com, and anyverify.com are data harvesters not authorised by NIMC to access or manage sensitive data.
NIMC urged the public to disregard any claims or services these websites offer and should not give their data as they are potentially fraudulent and data provided by the public on such websites are gathered and stored to build the data services they illegally provide.
“Consequently, the public should know that the Commission has taken robust measures to safeguard the nation’s database from cyber threats- a secure, world-class, full-proof database is in place. The commission’s infrastructure meets the stringent ISO 27001:2013 Information Security Management System Standard, with annual recertification and strict compliance with the Nigerian Data Protection Law.
“Furthermore, NIMC advises Nigerians to avoid giving their data to unauthorised and phishing sites. This poses the danger of data harvesting and comprises individual data. The Commission reaffirms its commitment to upholding ethical standards in data protection in line with federal government directives and data privacy regulations. Moreover, licensed partners or vendors are not authorised to scan or store NIN slips but to verify NINs through approved channels.
“The Commission is currently working closely with security operatives to apprehend these elements masquerading as online vendors, and they will be made to face the full wrath of the law.
“NIMC urges the public to remain vigilant against false information and rely on verified sources for accurate updates. The Commission remains committed to providing secure and reliable identity management and upholding the highest level of security for systems and databases, which are critical national assets,” the statement added