Protection file

NIMC Demystifies Server Breach Report, Assures Nigerians of Data Protection – Channels Television

A sample of the national identity card.

The National Identity Management Commission (NIMC) assured Nigerians that its servers were not hacked but fully optimized to the highest international security levels, as the repository of the most important national database for Nigeria.

NIMC’s head of corporate communications Kayode Adegoke gave the assurance in a statement Monday amid reports that the agency’s server had been hacked.

“Making this statement in his New Year’s message, NIMC Director General Engr Aliyu Aziz said that as the custodian of the fundamental identity database for Africa’s most populous nation, NIMC has gone to great lengths to ensure that the nation’s database is properly secured. and protected, especially given the wave of cyberattacks on networks around the world, ”the Adegoke statement said.

“Over the years, through hard work, NIMC has built a robust and credible system for the Nigeria Identity Database.

READ ALSO: UN chief condemns Zamfara killings and asks FG to arrest perpetrators

A hacker identified as Sam claimed on Monday that he had successfully found a bug in the NIMC server, claiming that it was easy for him to breach the server and gain access to the personal information of millions of Nigerians.

He explained that he stumbled upon the information in order to decompile some applications he was working on.

The hacker reportedly released the data he obtained in the process – a copy of the NIMC National Identity Card, but disfigured it to hide vital information about the owner.

The head of the NIMC, for his part, stressed that the commission and its infrastructure were certified according to the ISO 27001: 2013 information security management system standard, and revalidated each year.

According to him, the commission has ensured maximum security of its systems and database due to the critical nature of the identity data that NIMC collects, manages and maintains as critical assets for the country.

“The commission assures the public that it will continue to uphold the highest ethical standards of data security on behalf of the federal government and ensure compliance with data protection and privacy regulations,” the statement said. .

Aziz said the commission does not use or store information on the AWS cloud platform or any public cloud, despite the NIMC mobile app available to the public to access its NIN on the go.

He insisted that the NIMC mobile ID app does not have a database in the app, nor does it store information in flat files.

“The public should be aware that possession of a NIN does not equate to access to the national identity database, but that the NIN is only a physical affirmation of a person’s identity. .

“Under data protection regulations, no authorized partner / vendor is allowed to scan and store copies of individuals’ TIN slips, but rather to authenticate the TIN using the platforms / channels of approved and authorized verification provided.

“As part of its policies to protect personally identifiable information stored in the national identity database, the public may recall that the Ministry of Communications and Digital Economy through NIMC launched the tokenization features of the service NIN verification, ”the statement read.

He added: “This solution aims to protect the personal data of individuals and to guarantee user rights and ongoing confidentiality.

In accordance with the mandatory use of the NIN for government services, the commission also welcomes the concerted efforts of several federal government agencies such as the Joint Admissions and Matriculations Board (JAMB), Federal Road Safety Corps (FRSC), Nigeria Immigration Services, Pension Commission (PenCom), Nigeria Police Force, Nigeria Correctional Service, Nigeria Customs and a host of others, who have streamlined their services in accordance with the use of the National Identification Number (NIN ) as a valid means of identification.

“While wishing all Nigerians and legal residents a happy and prosperous New Year 2022, Engr Aziz called on all stakeholders to adopt identity, register and receive their TINs.”