The National Identity Management Commission (NIMC) has listed five websites allegedly harvesting Nigerians’ data fraudulently.
This is in response to the recent alert that Paradigm Initiative voiced regarding the sale of Nigerians’ International Passport, Bank Verification Number (BVN), National Identification Number (NIN), and other data by various websites.
The websites involved in the unlawful data harvesting without the Commission’s authorization, according to a statement released on Saturday by Kayode Adegoke, Head of Corporate Communications for the Commission, include:
- idfinder.com.ng,
- Verify.Ng/sign in,
- championtech.com.ng.
- trustyonline.com, and
- anyverify.com.
“The information provided by the public on these websites is collected and stored to build the data services these websites illegally provide. As such, NIMC urges the public to disregard any claims or services these websites offer and should not give their data as they are potentially fraudulent,” the statement read.
The Commission added that it has taken steps to fortify the NIN database and that it has not compromised the sensitive data of Nigerians, despite what Paradigm Initiative had claimed.
The Commission reassures the public that as of right now, none of the names included in the report have been misused or their data stolen. Neither has the Commission given permission for any website or other business to sell or otherwise profit from the National Identification Number (NIN) among Nigerians.
“The public should be aware that the Commission has implemented strong defences against cyberattacks, ensuring that a top-notch, fully-proof database is in place and safe from harm.” The Nigerian Data Protection Law is strictly followed, and the commission’s infrastructure satisfies the demanding ISO 27001:2013 Information Security Management System Standard, according to the statement. It is also annually recertified.
Nigerians were cautioned by NIMC not to provide personal information to phishing and unapproved websites since they could be used for data harvesting.
The Commission stated that its licenced partners or vendors are not authorised to scan or store NIN slips; instead, they must verify NINs through authorised channels. The Commission reaffirmed its commitment to upholding ethical standards in data protection in accordance with federal government directives and data privacy regulations.
In order to capture those posing as internet suppliers, NIMC stated that it is closely collaborating with law enforcement. If caught, these individuals would be subject to the full force of the law.
“NIMC exhorts the public to be on the lookout for misleading information and to trust credible sources for up-to-date information. The Commission is still dedicated to offering dependable and safe identity management as well as maintaining the highest standards of security for databases and systems, which are vital national resources, the statement read.
Concerned that multiple unapproved websites are claiming to possess and grant access to sensitive personal and financial data of Nigerian individuals “for as little as 100 Naira,” Pan-African social enterprise Paradigm Initiative had voiced its concerns about this on Friday.
The group released a statement saying, “This alarming development presents a major breach of the fundamental rights to privacy, a breach of data privacy rights, and poses significant risks to individuals and the national economy.”
According to Paradigm Initiative, unauthorised access to personal data constitutes a flagrant violation of Nigerian citizens’ right to privacy because its release could result in identity theft, financial fraud, and other nefarious activities. Data owners could also become targets of burglars, kidnappers, or terrorists who purchase home address data.
It further stated that the stability of Nigeria’s banking system may be jeopardised by the accessibility of private financial information online.