A Nigerian man who identified himself as Sam on the internet has stirred fears among netizens after he shared details of how he allegedly hacked into the server of the National Identity Management Commission to have access to over three million National Identity Numbers of Nigerians.
Naija News understands that the Nigerian Communications Commission (NCC), being the nation’s premier communications regulatory agency under the Federal Ministry of Communications & Digital Economy is saddled with the responsibility of working with all stakeholders to ensure secure cyberspace that is safe for the operators and consumers of communications services and infrastructure in Nigeria.
However, despite all that the NCC has promised to deliver, Sam shared how easy it was for him to breach the NIMC server and access the personal information of millions of Nigerians.
The cyber-tech young man in an article he shared on infosecwriteups.com, boasted that he got access to “juice” on the Nigerian Government agency’s server and that he could go-ahead to do whatever he desired with the sensitive data at his disposal.
A quick check by Naija News on [infosecwriteups.com], the site where Sam disclosed his newest hacking achievement, showed that the site was specially built for a collection of awesome write-ups from the best hackers in the world.
Topics shared on the platform ranges from bug bounties, CTFs, Hack the box walkthroughs, hardware challenges, real-life encounters and everything which can help other enthusiasts learn.
Sharing further details of his attack on the nation’s NIMC server, Sam displayed a defaced National Identity card of a Nigerian alongside his article.
He wrote: “I’ve got one more output for s3 bucket, I casually tried to access it without any hope, and damn! The s3 bucket is full of juice.
“I just simply got access to their (Nigeria) data of internal files, users and everything they have. I can download everything, even the whole bucket. I am sure that the bucket is full of juice.
“I wanted to look at more files but as we have to follow bug bounty rules I stopped doing more.
“I’ve got one more s3 bucket with nuclei and it also contained about 4–5 gigs of data.
“I’ve rewarded 5250$ for only one report and 0$ for the second one even it contained so much sensitive data,” Sam wrote.
Sam’s write-up has stirred a barrage of reactions on social media as some Nigerians on Twitter especially the tech enthusiasts lament how vulnerable the security system of the NIMC server is.
Naija News understands that the alleged hacking of the NIMC server has sent a wrong and displeasing signal to citizens, highlighting the danger the country’s residents and investments are currently under.