The National Identity Management Commission (NIMC) has allegedly lost over three million National Identity Numbers (NIN) of Nigerians to hackers as the agency’s server has been reportedly breached.
A hacker who simply gave his name as Sam on Monday claimed he successfully hacked the server while revealing how easy it was for him to breach the NIMC server and access personal information of millions of Nigerians.
Sam made the revelation in an article he shared on infosecwriteups.com, boasting that he got access to “juice” on the Nigerian government agency’s server and that he could go ahead to do whatever he desired with other sensitive data at his disposal.
The hacker displayed a defaced National Identity card of a Nigerian alongside the article that has continued to generate reactions from some Nigerians on Twitter especially tech enthusiasts.
He wrote: “I’ve got one more output for s3 bucket, I casually tried to access it without any hope, and damn! The s3 bucket is full of juice.
“I just simply got access to their (Nigeria) data of internal files, users and everything they have. I can download everything, even the whole bucket. I am sure that the bucket is full of juice.
“I wanted to look at more files but as we have to follow bug bounty rules I stopped doing more.
“I’ve got one more s3 bucket with nuclei and it also contained about 4–5 gigs of data.
“I’ve rewarded 5250$ for only one report and 0$ for the second one even it contained so much sensitive data.”
The New Diplomat recalls the Nigerian Communications Commission (NCC) in November 2021 had issued a warning that an Iranian hacking group was planning to carry out cyber espionage across Africa.
According to the statement, the hackers were targeting telecoms, Internet Service Providers, and Ministries of Foreign Affairs in Nigeria and other African countries.
The Minister of Communications and Digital Economy, Isa Pantami, had in November said the National Identification Number, NIN, will enable the Federal Government and security agencies know the identity of Internet users in the country.
Pantami, who also noted that NIN would be the foundation for the economy and the security of the country, stated this during the Nigeria International Partnership Forum in Paris, France.
He said:“Some of these initiatives that happen to be the foundation of even our economy is the introduction of the national identification number. Nigeria has joined the global community by making the use of national identification numbers for both citizens and legal residents mandatory.”
“This is going to be the foundation of our economy and also the foundation of our security that whoever happens to go online, his identity will be known by the federal government and also by our security institutions.
“As in our 1999 Constitution as amended section 14(2)(b), that the primary responsibility of government is security and safety of its citizens, it is because of this that President Muhammadu Buhari is very passionate about that and he has been pushing that we establish the foundation of our economy and the foundation of our security on the national identification number so that identity of our citizens and legal residents will be known.
“As it is today, the enrollment has been over 67 million and most importantly we are able to capture the most important category of people that come out to do businesses.”
The Minister said having NIN was a prerequisite to enjoying government services, adding that it would bring peace of mind to potential investors.
“So it becomes a prerequisite to enjoying government services and I believe this will bring more peace of mind to potential investors to know that the government has been doing something significant in that regard.
“Recently, the country has also launched and commissioned a national centre for artificial intelligence and robotics that focuses more on research and coming up with innovative solutions in the area of security.
‘’Now the centre, in collaboration with security institutions is in the process of developing robots and many more that will be deployed to make our country safe and sound,’’ the minister said.
Over 60 million Nigerians had so far been captured on the national identity database, according to the NIMC as the hacker’s revelations continue to jangle nerves and raise questions on the cybersecurity of NIMC.
The agency was yet to react to the claims by the said hacker as of the time of this reporting.
