HomeData Privacy Law DigestNameCheap Suspends XpressVerify After NIN Database Breach Report

NameCheap Suspends XpressVerify After NIN Database Breach Report


A popular web hosting platform, NameCheap, has suspended a Nigerian website, XpressVerify, which was accused of commercialising data of Nigerians.

FIJ Nigeria had on Sunday reported that the website had “unrestricted access to the National Identification Numbers (NINs) and personal details of every registered Nigerian.”

The company charges N200 to retrieve personal details of any Nigerian registered by the National Identity Management Commission (NIMC) for NIN.

Personal details of Nigerians like phone numbers, full names, NIN, address and photographs could be accessed after the payment of N200.

After outcry following the report of the alleged data breach, NameCheap confirmed that it has taken down the domain.

“The domain has been suspended. Thank you for reporting the issue,” it said.

A check ascertained this, as at the time of filing this report, the website was not accessible.

The Minister of Communications, Innovation and Digital Economy, Mr Bosun Tijani, who was asked to look into the matter, said NIMC was no longer his ministry.

“NIMC is no longer under @FMCIDENigeria but our @ndpcnger will work with colleagues at @nimc_ng to investigate this immediately. Thanks for sharing,” Mr Tijanu said.

In the peak of COVID-19 crisis and lockdown in 2020, Mr Tijani’s predecessor, Mr Ali Pantami, forced Nigerians to register for NIN, saying it was necessary to tackle insecurity in the country.

He gave deadline to disconnect phone lines not linked with NIN, causing desperate Nigerians to break the COVID-19 social distancing rule, which required about one to two meters between two persons.

Meanwhile, NIMC, in a statement on Sunday by its Head of Corporate Communications, Mr Kayode Adegoke, assured Nigerians of the safety of their data, dissociating itself from XpressVerify.

“The commission wishes to state that it offers NIN verification and other services through licensed partners. However, XpressVerify is not one of the commission’s licensed partners.”

“We express our gratitude to our media partners and the whistleblowers for bringing this to our attention and wish to assure Nigerians and legal residents that there is no data breach of any sort and the Citizens’ data is safe and secure in Nigeria’s National identity database.

“The Director General and Chief Executive Officer of NIMC, Engr. Abisoye Coker-Odusote has promptly ordered a comprehensive investigation into the matter to find out if any of the Commission’s Tokenisation verification agents has in any way breached the licensing agreement either directly or through any of their sub-licensees,” the statement said.

Share on

Place your
Advert Here

Are you looking to boost your brand visibility and connect with your target audience? Look no further! Secure prime advertising space in our dedicated section and showcase your products or services to our engaged community.

Related articles:

NDPC Facilitates a Workshop on Registration Guide for Controllers of Major Importance

At the just concluded PrivCon (an annual privacy conference)...

I Remain Committed to Championing Data Privacy Rights – Chiderah Ike-Okonkwo

Chiderah Ike-Okonkwo is unarguably one of the most profound...

Data Protection Commission Probes 400 Cases of Privacy Breach in Online Loan Apps

The Nigeria Data Protection Commission has said it is...

PrivCon Privacy Awards: Final Nominees Unveiled

The Organizing Committee is thrilled to announce the final...

Recent Posts: