The Nigeria Data Protection Commission said it has heightened scrutiny on the licensees of the National Identity Management Commission after a website, “expressverify” breached data protection protocols by accessing National Identification Number verification credentials without authorisation.
This information was disclosed in a statement seen on NDPC’s X official account on Friday
The website was reported to have had unrestricted access to NINs and personal details of Nigerians registered in the nation’s identity database managed by NIMC.
On March 16, the Foundation for Investigative Journalism reported that the website monetised the recovery of NINs and personal information on the Nigerian identification database.
The report, which raised concerns about data protection, prompted investigations by regulatory authorities.
According to the commission’s findings, a third-party entity initially authorised to provide verification services may have granted the website access to NIN verification credentials without proper authorisation.
It said the circumstances surrounding the breach are currently under investigation by the NDPC.
-Advertisement-
The statement read in part, “To address this issue, NIMC has implemented remediation protocols, including temporarily suspending all access to its database.
While necessary, this action impacted genuine verification requests.
“However, after careful review, limited access has been reinstated for select establishments providing essential public services.
We do everything possible to supply quality news and information to all our valuable readers day in, day out and we are committed to keep doing this.
Your kind donation will help our continuous research efforts.
-Advertisement-
-Want to get the news as it breaks?-
