The National Identity Management Commission NIMC has debunked allegations of data compromise, assuring that the Commission has at no time exposed sensitive data of Nigerian citizens.

The Commission has also dissociated itself from claims by some websites including idfinder.com.ng; Verify. Ng/sign in, championtech.com.ng, trustyonline.com, and anyverify.com that they have been authorised by the Commission to carry out some identity management functions or issuance the National Identification Number NIN on its behalf, describing them as mere ‘data harvesters’, while urging Nigerians to be weary of such websites.

According to a statement signed by the head, Corporate Communication of the Commission, Kayode Adegoke, the public should know that the Commission has taken robust measures to safeguard the nation’s database from cyber threats, assuring that a secure, world-class, full-proof database is in place. NIMC also noted that the Nigerian public should be rest assured that its infrastructure meets the stringent ISO 27001:2013 Information Security Management System Standard, with annual recertification and strict compliance with the Nigerian Data Protection Law.

The statement reads in part: “NIMC wishes to debunk the exposure of sensitive data of Nigerian citizens as it concerns the Commission amongst many other data-collecting agencies, as alleged and reported. The Commission, at this moment, assures the public that the data of Nigerians has not been compromised, and the Commission have not authorised any website or entity to sell or misuse the National Identification Number NIN amongst all the identities stated in the report.

“The following websites:  idfinder.com.ng; Verify. Ng/sign in, championtech.com.ng, trustyonline.com, and anyverify.com are data harvesters not authorised by NIMC to access or manage sensitive data. NIMC urges the public to disregard any claims or services these websites offer and should not give their data as they are potentially fraudulent and data provided by the public on such websites are gathered and stored to build the data services they illegally provide.

“Consequently, the public should know that the Commission has taken robust measures to safeguard the nation’s database from cyber threats- a secure, world-class, full-proof database is in place. The commission’s infrastructure meets the stringent ISO 27001:2013 Information Security Management System Standard, with annual recertification and strict compliance with the Nigerian Data Protection Law. 

“Furthermore, NIMC advises Nigerians to avoid giving their data to unauthorised and phishing sites. This poses the danger of data harvesting and comprises individual data. The Commission reaffirms its commitment to upholding ethical standards in data protection in line with federal government directives and data privacy regulations. Moreover, licensed partners or vendors are not authorised to scan or store NIN slips but to verify NINs through approved channels.”

It was however gathered that the Commission is currently working closely with security agencies to apprehend these elements masquerading as online vendors, as they will be made to face the full wrath of the law.

The Commission further urged the public to remain vigilant against false information and rely only on verified sources for accurate updates. It also assured that it will remain committed to providing secure and reliable identity management and upholding the highest level of security for systems and databases, which are critical national assets.