There was a major data breach on the National Bureau of Statistics (NBS) website on Wednesday night.
A statement from NBS, via its X (formerly Twitter) handle confirmed that the website had been hacked.
The NBS stated:
“This is to inform the public that the NBS website has been hacked and we are working to recover it. Please disregard any message or report posted until the website is fully restored. Thank you.”
This is coming days after the statistical body released the Consumer Price Index Report with troubling inflation figures, and the Crime Experience and Security Perception survey reports.
A screenshot of the website from Wednesday night confirmed that it had been hacked, with the message “page hacked,” but by Thursday morning, it was completely inaccessible.
Security of public data continues to raise major concerns across the globe, and even in October this year, Internet Archive went offline after a major data breach defaced the website, and left data from millions of users exposed.
NBS is Nigeria’s National Statistical Office, responsible for collecting, interpreting, analysing and managing official statistics. The bureau collaborates with governmental and non-governmental bodies to maintain an official socio-economic Data Bank for Nigeria.
Other data breaches that occurred in 2024
This is Nigeria’s third reported hack of websites carrying sensitive government information, in 2024 alone.
Legit.ng reported that the Nigerian Identity Management Commission (NIMC) website was breached in June 2024, leading to unauthorized access of Nigerians’ National Identification Number (NIN), Bank Verification Number (BVN), International Passport, and other data.
The Nigeria Data Protection Commission and National Identity Management Commission launched an investigation into the matter to find out if any of the commission’s tokenisation verification agents had violated the specified terms of their licenses.
Websites such as the idfinder.com.ng, Verify.Ng/sign in, championtech.com.ng., trustyonline.com, and anyverify.com were uncovered and some of these websites were found to be selling the data to third parties for as low as N190.
Given the allegations that NIMC partners involved in registration may be responsible for causing the breach, all front-end partners were prohibited from enrolling NINs.
