By Adedapo Adesanya
The National Identity Management Commission (NIMC) assured Nigerians that its servers had not been breached amid reports that the agency’s database had been hacked.
This was revealed by the commission’s chief executive, Mr. Aliyu Aziz, in a statement through its head of corporate communications, Mr. Kayode Adegoke, refuting the claims and assuring Nigerians that the servers of the agency are fully optimized to the highest international security levels.
Making this statement in his New Year’s message, NIMC Director General Engr Aliyu Aziz said that as the custodian of the fundamental identity database for Africa’s most populous nation, NIMC has gone to great lengths to ensure that the nation’s database is properly secured and protected, especially given the upsurge in cyber attacks on networks across the world, ”Mr. Adegoke.
“Over the years, through diligent efforts, NIMC has built a robust and credible system for Nigeria’s identity database,” the statement added.
In the context, a hacker identified only as Sam claimed on Monday that he had successfully found a bug in the NIMC server, claiming that it was easy for him to breach the server and gain access to the personal information of millions of Nigerians.
He explained that he stumbled upon the information in order to decompile some applications he was working on.
The hacker reportedly released the data he obtained in the process – a copy of the NIMC National Identity Card, but disfigured it to hide vital information about the owner.
The head of the NIMC, for his part, stressed that the commission and its infrastructure were certified according to the ISO 27001: 2013 information security management system standard, and revalidated each year.
According to him, the commission has ensured maximum security of its systems and database due to the critical nature of the identity data that NIMC collects, manages and maintains as critical assets for the country.
“The commission assures the public that it will continue to uphold the highest ethical standards in data security on behalf of the federal government and ensure compliance with data protection and privacy regulations,” the report said. communicated.
Mr Aziz said the organization does not use or store information on the AWS cloud platform or any public cloud, despite the NIMC mobile app available to the public to access its NIN on the go.
He insisted that the NIMC mobile ID app does not have a database in the app, nor does it store information in flat files.
“The public should be aware that possession of a NIN does not equate to access to the national identity database, but that the NIN is only a physical affirmation of a person’s identity. .
“Under data protection regulations, no authorized partner / vendor is allowed to scan and store copies of individuals’ TIN slips, but rather to authenticate the TIN using the platforms / channels of approved and authorized verification provided.
“As part of its policies to protect personally identifiable information stored in the national identity database, the public may recall that the Ministry of Communications and Digital Economy through NIMC launched the tokenization features of the service NIN verification, ”the statement read.
He added: “This solution aims to protect the personal data of individuals and to guarantee user rights and ongoing confidentiality.
“In accordance with the mandatory use of the NIN for government services, the commission also welcomes the concerted efforts of several federal government agencies such as the Joint Admissions and Matriculations Board (JAMB), Federal Road Safety Corps (FRSC), Nigeria Immigration Services, Pension Commission (PenCom), Nigeria Police Force, Nigeria Correctional Service, Nigeria Customs and a host of others, who have streamlined their services in accordance with the use of the National Identification Number (NIN ) as a valid means of identification.
“While wishing all Nigerians and legal residents a happy and prosperous New Year 2022, Engr Aziz called on all stakeholders to adopt identity, register and receive their TINs.”