The Independent Electoral and Boundaries Commission (IEBC) has refuted reports on alleged hacking of its database.
The electoral body termed as inaccurate claims by the Directorate of Criminal Investigations (DCI) that a suspect in their custody, operating a high-tech mobile phone scam syndicate had hacked into IEBC database, and acquired personal details of 61,617 registered voters from a county in western Kenya.
IEBC chairman Wafula Chebukati said it was not possible to access the electronic register of voters which is kept in a Biometric Voter Registration (BVR) system and hosted on several servers that are not connected to the open internet.
“The Commission would like to clarify that this information is not factual. The Commission’s register of voters is kept in a Biometric Voter Registration (BVR) system which is hosted on several servers. The BVR system has been designed to have its own isolated network, set of servers as well as user account directory to ensure integrity, confidentiality and high availability” Chebukati said in a statement.
In addition, the IEBC boss explains that the Commission’s entire internal network is behind a high-security firewall system that has never been compromised since its installation eight years ago.
“What is currently being reported in the media is not data obtained through hacking of the BVR system but possibly from entities that may have legitimately obtained from the Commission through formal request and upon payment of requisite fees. The Commission invests highly in security of its information assets, including the electoral technologies” he added.
In accordance with access to information as provided by the Constitution, the Commission services numerous requests by various entities requiring a register of voters for specific electoral areas.
“These requests are serviced upon payment of certain fees and in accordance with privacy Laws requiring personally identifiable information to be kept confidential……and would like to assure all Kenyans that it is committed to protecting the same by ensuring their confidentiality, integrity and availability at all times” pledged the IEBC boss.
Last Friday the fraud suspect was arrested and a gunny bag full of SIM cards belonging to Safaricom, Airtel and Telcom mobile service providers were recovered.
His arrest followed a joint operation by detectives and Safaricom investigators after the suspect swindled an MPESA agent, an unspecified amount of money.
According to the detectives, the data, which was found in his possession, contains names of registered voters, their ID numbers and dates of birth allegedly obtained from IEBC database.
His arrest followed a joint operation by detectives & Safaricom investigators after the suspect swindled an MPESA agent, an unspecified amount of money. The fraudster masquerading as an M-PESA customer care attendant, called the agent & lured her into dialing unspecified codes. pic.twitter.com/pIWq2afMWe
— DCI KENYA (@DCI_Kenya) July 16, 2021