Kenya’s Electoral Commission Denies Servers Were Hacked to Steal Personal Details
The Kenyan Independent Electoral and Boundaries Commission (IEBC) has refuted claims that hackers infiltrated its servers and obtained the personal details of at least 61,000 registered voters. This comes after reports from the Directive of Criminal Investigators (DCI) were released, saying that the directive has arrested a 21-year old fraud suspect claimed to have allegedly hacked into the IEBC’s servers.
Only identified by the alias ‘Kiprop’ by the DCI, the suspect is said to be the mastermind behind a high-tech mobile phone scam syndicate that has been stealing millions of dollars from M-Pesa agents across Kenya.
According to Nation, the DCI claims that Kiprop gained access to IEBC’s database and stole the personal details of 61,617 registered voters in the country. Data found in the suspect’s possession include names of registered voters, their ID numbers and birth dates.
Read also:SEACOM Launches SD-WAN in Kenya for Digital Transformation
Kiprop is believed to have previously worked for one of Kenya’s mobile phone networks. They were arrested on Friday morning, with a gunny bag filled with Safaricom, Airtel and Telkom SIM cards seized from their possession.
They were arrested in Juja, and found by the Crime Research and Intelligence Bureau, with support from Safaricom’s fraud investigation team and security officers from the Jomo Kenyatta University of Agriculture and Technology.
IEBC chairman Wafula Chebukati released a statement on Sunday claiming that “information circulating in the media to the effect that a suspect has hacked into the IEBC database and acquired personal details of registered voters from a county in western Kenya” is not factual.
Chebukati explains that the register of voters is kept in a Biometric Voter Registration (BVR) system, which he claims has never been tampered with since its installation eight years ago. Further, he explains that the IEBC’s systems are isolated and “not connected to the open internet,” meaning that hackers will not be able to gain access to it.
Read also:Nigeria’s Terragon Verified as Leader in Data and Marketing Technology
“In addition, the rest of the commission’s entire internal network is behind a high-security firewall system.”
Chebukati says that the data in question could have been obtained from entities that acquired the voter information through legitimate means, as the Constitution allows the IEBC to give part of the register of voters – for specific electoral areas – at a fee.
“The commission services numerous requests by various entities requiring the register of voters for specific electoral areas. These requests are serviced upon payment of certain fees and in accordance with privacy laws requiring personally identifiable information to be kept confidential,” he says.
Read also:New $155m Fund For African Solar Energy Businesses, Courtesy Of AREF II Fund
“What is currently being reported in the media is not data obtained through hacking of the BVR system but possibly from entities that may have legitimately obtained it from the commission through formal requests and upon payment of requisite fees?”
Kelechi Deca
Kelechi Deca has over two decades of media experience, he has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travels, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry