By 
The National Commissioner of the Nigeria Data Protection Commission (NDPC), Dr. Vincent Olatunji has initiated a thorough investigation into reports of unauthorized access to personal data stored in the National Identity Management Commission (NIMC) database.
RELATED: NDPC’s Olatunji set to address Data Protection Act’s significance at Nigeria’s premier digital economy gathering
This move comes in response to public concerns raised over allegations of data breaches by an entity known as XpressVerify.com.
Babatunde Bamigboye, Head of Legal, Enforcement, and Regulations at NDPC, stated that the investigation is a proactive regulatory measure aimed at addressing the reported privacy breach.
NIMC launches own internal investigation
NDPC has been actively engaging with NIMC to enhance data protection measures, including conducting training sessions with NIMC officers in early February 2024.
NIMC has launched its own internal investigation into the matter and has pledged full cooperation with NDPC to uncover the truth behind the allegations. Additionally, NIMC is committed to reviewing its existing protocols for verifying the identity of enrollees on its platform to prevent future breaches.
Violators to face appropriate legal consequences
NDPC will collaborate with relevant agencies to audit the alleged unauthorized data processing activities and ensure that those responsible for violating the Nigeria Data Protection Act, 2023, face appropriate legal consequences.
The National Commissioner has instructed that preliminary findings of the investigation be made public within seven days, demonstrating NDPC’s commitment to transparency and accountability in safeguarding citizens’ data privacy rights.
