Rédaction Africa Links 24 with Guardian Nigeria
Published on 2024-03-27 03:30:58
Data breaches have become a prevalent issue in today’s digital landscape, affecting businesses, governments, and individuals alike. The exposure of sensitive information can lead to serious complications and long-term consequences, highlighting the need for a robust identity management system in Nigeria. As more and more data about people’s lives is stored online, such as health care, financial, and travel records, it becomes increasingly challenging to track where one’s information is available and who can access it. This has made data breaches more common, leading to a rise in identity theft cases.
Nigeria has not been immune to data breaches, with both public institutions and private firms experiencing cybersecurity breaches regularly. In a global study conducted by Surf shark, Nigeria was ranked as the 32nd most breached country in the first quarter of 2023, with 82,000 leaked accounts reported. This represents a 64 percent increase from the previous quarter. While data breaches declined globally in the first quarter of 2023, they continue to be a significant problem in Nigeria and around the world.
The recent alleged breach of the National Identity Management Commission (NIMC) by a data privacy organization called XpressVerify has raised concerns among citizens about the safety and security of their personal data. The Nigeria Data Protection Commission (NDPC) has called for a full-scale investigation into the unauthorized access to personal data of enrollees in the NIMC database. The NDPC aims to ensure that individuals’ data privacy rights are protected and that those responsible for breaching the Nigeria Data Protection Act, 2023 are held accountable.
It has been revealed that the NIMC tokenization platform, designed to safeguard citizens’ identity and personal information, may have been compromised due to vulnerabilities in the system. The tokenization process was meant to ensure user consent management and data privacy, but recent actions taken by the NIMC have raised concerns about potential breaches. Industry experts have highlighted the need for more stringent encryption controls and transparency in the verification exercises to prevent future breaches.
Civil society organizations, such as the Paradigm Initiative, have called for urgent measures to address breaches at the NIMC by XpressVerify.com. The breach is seen as a violation of citizens’ privacy rights and a betrayal of public trust. The organization urges the NDPC and the NIMC to investigate the matter thoroughly and take immediate action to rectify the breach and prevent similar incidents from occurring in the future.
In response to these concerns, the Director-General and CEO of NIMC, Abisoye Coker-Odusote, has reassured the public that NIN verification and related services are conducted exclusively through licensed partners. She emphasizes that NIN verification and other services are not provided by XpressVerify, and citizens’ data remains secure within Nigeria’s National Identity Database. Moving forward, it is essential for all stakeholders to work together to strengthen the identity management system in Nigeria and prevent future data breaches that may have long-lasting consequences for individuals and organizations.
