The Nigeria Police Force (NPF) has arrested eight suspects for allegedly creating 14 fake websites of the National Identity Management Commission (NIMC).
The police said 13 of the fraudulent sites have already been pulled down.
Deputy Force Public Relations Officer, Isuku Victor, disclosed this on Thursday while briefing reporters at the NPF National Cybercrime Centre (NCC) in Abuja.
Isuku said: ” The Nigeria Police Force, through its National Cybercrime Centre, has recorded a significant breakthrough in a high-profile cybercrime investigation involving unlawful access to a critical national information infrastructure (CNII).
“This milestone follows a formal petition submitted to the office of the Inspector-General of Police, IGP Kayode Adeolu Egbetokun, by the Director General of the National Identity Management Commission (NIMC), alleging unauthorised access, distribution, and commercialisation of Personally Identifiable Information (PII) of Nigerians.
“During this specialised investigation, the NPF-NCCC uncovered a sophisticated syndicate operating through multiple illicit online platforms, illegally interfacing with the National Identity Database (NIDB).
“The actors behind these heinous acts, one Hamzat Luqman and Babalola Tolani Sulaiman, were subsequently arrested in Kwara and Lagos States, respectively. Hamzat Luqman, a software developer, created and hosted the domain “goverify.com.ng” on behalf of Tolani for commercial verification purposes. He is also responsible for three other domains hosted for the same purpose”.
He said further investigations also led to the arrest of other threat actors, including Nura Bello (a software developer), Ibrahim Abubakar, linked to “idfinder.com.ng”, Shuara Kehinde Maroofdeen, Abubakar Hamisu, Abdullahi Salisu, and Ashiru Sani.
Isuku added: “The NPF-NCCC was able to achieve this great feat through the use of Digital Forensic techniques, which aided in identifying threat actors and domains involved in the unlawful sale and verification of NIN-linked PII.
“These domains have, however, been successfully deactivated. Other domains used to perpetuate these cyber intrusions include: verifymynin.com, trioplus.ng, goverify.com.ng, idfinder.com.ng, verify4me.com.ng, subpoint.com.ng, verify.datashop.com.ng, championtech.com.ng, anyverify.com.ng, kremtech.com.ng, nikeverify.humanity.com.ng, inventures.com.ng.
“Efforts are being intensified to apprehend other shadow perpetrators who engage in illegal distribution, commercialisation and unlawful access to Government databases and dismantle syndicates responsible for carrying out cyber-related offences.
“The Inspector-General of Police has again reaffirmed the commitment of the Nigeria Police Force under his leadership to combating all forms of cyber-crimes, safeguarding national digital assets, reinforcing data privacy laws, and protecting the integrity of citizen identification data”.
