In 2012, the Director of the Federal Bureau of Investigation , Robert Mueller, said there are only two kinds of companies – those that have been hacked, and those that will be. Lately, that has proven to be most valid with routine hacking and data breaches, leading to unauthorised sales of personal data, identity theft, and misuse of individuals’ National Identification Numbers, among others.
Paradigm Initiative further claimed that a particular firm, AnyVerify.com.ng distributes personal and private data of Nigerians under the guise of providing verification services, just as it stressed that the act of unauthorised access to the data of Nigerian citizens by AnyVerify.com.ng, and the commercialisation of same violates the provision of Section 37 of the Constitution of the Federal Republic of Nigeria 1999.
In March this year, the Foundation for Investigative Journalism published a story about how XpressVerify, a private website, accesses data of Nigerians for personal gains. A technology security firm, Nitroswitch noted that systems, networks, and programmes come under digital attacks in the country with the number exceeding 4,000 daily.
Further, as of 2023, a global study by Surfshark, an Amsterdam-based cybersecurity firm, ranked Nigeria as the 32nd most breached country in the first quarter. Per the report, Nigeria had 82,000 leaked accounts from January to March 2023, which represented a 64 per cent increase from the previous quarter. It added that data breaches globally declined in Q1 2023, with 41.6 million accounts breached. This was almost 50 per cent less than the nearly 81 million recorded in Q4 2022.
Data breaches have severe implications for both individuals and businesses. Personal information, including financial records, medical data, and identification details can be compromised, leading to identity theft, financial fraud, and reputational damage. It also damages the trust of customers and the overall reputation of the business.
“NIMC urges the public to disregard any claims or services these websites offer and should not give their data, as they are potentially fraudulent and data provided by the public on such websites are gathered and stored to build the data services that they illegally provide,” he stated . According to him, the Commission reaffirms its commitment to upholding ethical standards in data protection in line with the Federal Government’s directives and data privacy regulations.