From Molly kilete, Abuja
The Nigeria Police Force ( NPF) has arrested eight suspected members of a syndicate behind several unauthorised identity verification platforms that illegally harvested Nigerians’ personal information under the guise of accessing the National Identity Management Commission database.
The suspects to include:Hamzat Lukman Tolani Suleiman, Nura Bello, Ibrahim Abubakar, Shoara Kehinde, Abubakar Amisu, Abdullahi Salisu, and Ashiru Sanni, while efforts were ongoing to apprehend others .
googletag.cmd.push(function() { googletag.display(‘div-gpt-ad-1718806029429-0’); });
Deputy Force Public Relations Officer,Victor Isuku,said the suspects were arrested by operatives of the the National Cybercrime Centre, following a petition by the NIMC Director-General, Abisoye Coker-Odusote, over the unlawful distribution and commercialisation of Nigerians’ personally identifiable information.
At a joint media briefing in Abuja, Isuku, said the cybercrime centre deployed advanced digital forensic techniques to trace the culprits and their illicit domains.
He said: “The Police National Cyber Crime Centre was able to achieve these great feats through the use of digital forensic techniques which aided in identifying these threat actors and domains involved in this unlawful sale and verification of NIN linked PPI that is personally identifiable information.
“The actors behind this heinous act were Hamzat Lukman and Babalola Tolani Suleiman, arrested in Kwara and Lagos states respectively. Lukman, a software developer, created and hosted the domain goverify.com.ng on behalf of Suleiman for commercial verification purposes. He also hosted three other domains for the same purpose,” Isuku explained.
According to him, further investigations led to the arrest of other collaborators, including Nura Bello and Ibrahim Abubakar, who was linked to idfinders.com.ng.
“Other arrested suspects are :Shoara Kehinde , Abubakar Amisu, Abdullahi Salisu, and Ashiru Sanni.”
He listed other domains used to perpetrate this cyber intrusion to include :0“verifymyNIN.com triplus.ng goverify.com.ng idfinder.com.ng verifyforme.com.ng subpoint.com.ng verify.datashop.com.ng championtech.com.ng anyverify.com.ng cremetech.com.ng nickverify.humanity.com.ng, inventor.com.ng, “.
He said efforts have been intensified to apprehend other shadow perpetrators who engage in illegal distribution commercialisation and unlawful access to government databases and dismantle syndicates responsible for carrying out cyber related crimes and offences.
He further stated that the Inspector-General of Police, through the cybercrime unit, was commitmented to dismantling criminal syndicates targeting critical national infrastructure.
“The IG has given has again reaffirmed the commitment of the police force under its able leadership to combating all forms of cyber crimes as well as safeguarding national digital assets reinforcing data privacy and protecting the integrity of citizens identification data thank you very much
“This operation is a milestone for the Police, for NIMC, and for Nigeria. We remain committed to safeguarding national digital assets, reinforcing data privacy, and protecting the integrity of citizens’ identification data,” Isuku said.
Also speaking, the Director of the NPF-NCCC,
CP Ifenayi Uche clarified that contrary to widespread fears, the NIMC database itself was never breached.
“When the case was reported, we conducted vulnerability assessments and penetration tests. We confirmed there were no breaches in the NIMC system. What we uncovered was the existence of third parties who created phishing links that mimicked NIMC’s website to harvest Nigerians’ personal data for commercial purposes,” he said.
He added that the suspects had built their own parallel databases with stolen information, which they then sold to unsuspecting clients.
Uche noted that 13 out of 14 fraudulent domains identified in the operation have been successfully taken down.
“Out of the 14 domains that were reported by by NIMC, we’ve been able to take down 13.
“We were also able to arrest eight of those behind those malicious domains and the prosecution will be done after this press briefing. “
In her address, NIMC DG, Odusote, assured Nigerians that the commission had intensified safeguards to protect citizens’ data.
“The National Identity Management Commission remains steadfast in protecting the integrity of Nigeria’s national identity database. We have recently upgraded our systems to accommodate up to 250 million registrations, decentralised enrolment processes to the ward level, and strengthened our cybersecurity architecture,” she said.
She urged Nigerians to avoid patronising unauthorised agents or business centres, stressing that enrolment is free at all approved NIMC centres.
“There is only one official website citizens should use only authorised channels for enrolment, modification, and verification,”.
The post Police bust syndicate behind fake NIMC platforms appeared first on The Sun Nigeria.
