NIMC responds as hacker claims he gained access to NIN database

The issue of data security has been at the forefront since the federal government introduced the national identity database.

In December 2021, Isa Pantami, minister of communications and digital economy, had announced that 71 million Nigerians had been captured on the database.

As more Nigerians registered, is the NIN database free from hackers?

On Monday, a hacker identified as Sam claimed he successfully found a bug on the server of Nigeria’s National Identity Management Commission (NIMC) — revealing how easy it was for him to breach the server and access the personal information of millions of people.

Guys, I am a bug hunter , and recently I found a S3 bucket, in @TecnoSRC company's bug bounty program, and the bucket is open and it contained the data of company , Now news headlines are , messing everything here, I've starigtly reported it to Tecno, and they fixed it within..

— Sam (@__Sam0_0) January 10, 2022

He also edited the article published on Medium and removed a copy of the national ID posted as a screenshot in the story — but failed to explain why he mentioned Nigeria’s ID database in the previous version.

New Write-up on InfoSec Write-ups publication : "A TALE OF 5250$ : HOW I ACCESSED MILLIONS OF USER’S DATA INCLUDING THEIR NATIONAL ID’S" #bugbounty #bugbountywriteup #bugbountytips https://t.co/abNL2t5D4E

— InfoSec Community (@InfoSecComm) January 10, 2022

Speaking with newsmen on the development, Boye Adegoke, senior program manager at Paradigm Initiative, said there is the possibility of negligence on the part of NIMC.