NINPrint, a digital platform where sensitive data of Nigerians were being sold for as little as N70, has been taken offline, FIJ can confirm.
Exactly eight days after FIJ published a report exposing the platform, which gave anyone access to citizens’ Bank Verification Numbers (BVN), National Identification Numbers (NIN) and other private records, the website went dark.
FIJ traced the website’s operator to Abbeytech Ventures, a sole proprietorship registered under the Corporate Affairs Commission (CAC) by Abdullahi Shogbanmu Abiodun.
The business is registered with the number BN-2858320. A phone number listed on the platform is linked to a cybercafé that promotes itself as an accredited NYSC registration centre.
READ MORE: EXCLUSIVE: Nigerians’ NINs, BVNs, Photos Still for Sale Online. I Bought 4 With Just N560
When FIJ contacted the number, the respondent refused to answer questions about the website’s affiliation with the National Identity Management Commission (NIMC). The call ended abruptly after the question was asked.
NINPrint marketed itself as a digital identity and background check company. It offered dozens of services, including NIN verifications using phone numbers, virtual NINs or document IDs.
READ ALSO: After FIJ’s Story, NIS Silently Fixes Loophole That Exposed Applicants’ Data
It also claimed it could search BVNs using names, phone numbers and birthdates. The website allowed users to retrieve lost NINs with tracking IDs, validate bank accounts for immigration purposes, and check CAC registrations, driver’s licences and voter cards.
To test the service, FIJ sought consent from some colleagues. After pooling a few phone numbers, FIJ created an account and attempted to perform a search. Before the platform granted access, it requested a top-up. That step revealed more details tying the site back to Abbeytech Ventures.
The homepage showed that many of these services cost only a few hundred naira. Some searches, including sensitive ones, went for as low as N70 or as high as N150.
Under Section 14 of the NIMC Act, 2007, only the Commission has the legal authority to establish and manage Nigeria’s identity database. Section 26 restricts access to personal data, allowing it only with consent, a court order or legal authorisation.
Section 28 criminalises the unauthorised sale or use of identity data, punishable by fines of at least N1 million or a minimum of three years in prison.
The Nigeria Data Protection Act (NDPA), 2023, further reinforces these protections. Section 25 mandates lawful, fair and transparent data processing. Section 41 requires data controllers to notify the Nigeria Data Protection Commission (NDPC) of any breaches within 72 hours. They must also alert individuals if the risks are high. Section 48 and Section 49 empower the NDPC to fine violators up to N10 million or 2 per cent of their annual revenue.
Despite the evidence of widespread access to personal data, NIMC denied any breach of its systems.
“The data did not emanate from the NIMC,” the agency said in a statement shared with FIJ. “There is no data leak from the NIMC. This should be noted for record purposes.”
NIMC also said it had no business relationship with the platform in question. It stated that access to its verification systems was granted only to licensed agents listed on its website.
“Our verification platform, the NINAuth, is highly secure with the power to control the data in the hands of the NIN holders. Our database security architecture is top-notch, secure and world-class with audit trails,” the agency said.
READ ALSO: After FIJ’s Story, Oyo Govt Quietly Removes Exposed TESCOM Data
The Commission added that an investigation by the Office of the National Security Adviser (ONSA) and the NDPC cleared it of any wrongdoing. NIMC insisted that it remained compliant with all NDPC protocols and that there had been no data exposure.
NIMC then urged Nigerians to use its official verification and authentication platform, NINAuth, available on the Google Play Store and Apple App Store.
It explained that even with access to a person’s NIN, its new biometric system makes it nearly impossible for cybercriminals to steal identities.
The post After FIJ’s Story, Website Selling BVNs, NINs Goes Dark appeared first on Foundation For Investigative Journalism.