Mal. Kashifu Inuwa Abdullahi, Director General, NITDA
Mal. Kashifu Inuwa Abdullahi, Director General, NITDA

NITDA Investigates Alleged Data Breaches

TECH DIGEST – The National Information Technology Development Agency (NITDA) has swung to action to unearth the alleged circulation of Nigerian data breaches in the darknets.

This follows an order the Minister of Communications and Digital Economy, Dr. Isa Pantami, as contained in his tweet through his verified Twitter account – @DrIsaPantami– ordering NITDA as Nigeria’s cyber defense, to urgently unearth circumstances surrounding the alleged data breaches.

The dark web is the World Wide Web content that exists on darknets: overlay networks that use the Internet but require specific software, configurations, or authorization to access.

Through the dark web, private computer networks can communicate and conduct business anonymously without divulging identifying information, such as a user’s location.

The dark web, according to this Wikipedia page, forms a small part of the deep web, the part of the Web not indexed by web search engines, although sometimes the term deep web is mistakenly used to refer specifically to the dark web.

A twitter user, Destiny Young (@YOUNGDESTINYA) had tweeted thus, “Even FIRS email system was infiltrated and I sent an email to them to notify them, but got no response at all. The hacker uses FIRS domain to send out spam and phishing emails to other govt MDAs. I have proof”.

Another twitter user Sammy (@samstrongng) collaborated Destiny Young’s allegations by tweeting: “Nigerian Embassy in the US, CBN etc have exposed endpoints littered all over the internet. Sent tons of emails to them last year and no response till date. Most banks have vulnerability all over their web applications; they barely get back to you when you report these issues”.

Anda (@henryandy345), tweeted, saying he wasn’t surprised by the tweets, adding that “NYSC and other agencies might also experience such mess if not tackled immediately. They all need be data protection compliant by all means as the NDPR suggest. Those guys don’t have privacy policy or any regards for data subject’s privacy.

In his reaction, the Minister (@DrIsaPantami) directed as follows:

“Hello @NITDANigeria, You are directed to investigate this allegation and take action in line with the provision of Nigeria Data Protection Regulation. I also need to see the report of all actions taken. Best w​​ishes!

Cc: @KashifuInuwa”

In a swift reaction, the Agency (@NitdaNigeria) replied: “Noted, Honourable Mimnister”.

Also, the Director General of NITDA, Malam Kashifu Inuwa Abdullahi (@KashifuInuwa), assured the Minister and others who have expressed concerns that the Agency have swung to action.

His tweet: “Noted Sir, we have swung into action and we’ll update you appropriately”.

This is coming at the time NITDA is enforcing the implementation of the Nigeria Data Protection Regulation (NDPR) which was designed to meet the global, especially GDPR principles on data protection, and also provides unique and innovative implementation frameworks.

It is not yet clear when and if NITDA will make its findings public with regards the alleged Nigerian data breaches that circulate in the darknets.