Sunday’s electoral college countered allegations that hackers broke into the server and obtained the personal information of at least 61,000 registered voters.
Earlier, the Federal Bureau of Investigation (DCI) said it had arrested a 21-year-old fraudulent suspect who allegedly hacked into a server of the Independent Constituency Commission (IEBC).
The suspect, identified only as Kiprop by DCI, is said to be the brain behind a tech cell phone fraud syndicate stealing millions of shillings from M-Pesa agents across the country.
However, in a statement on Sunday, IEBC President Wafula Chebukati said these reports were not true.
Chebukati explained that voter registration is held in a biometric voter registration (BVR) system. It has never been tampered with since it was installed eight years ago, he said.
According to Chebukati, the BVR system was designed to have its own isolated network that makes it difficult for hackers to break in.
“Since the system was installed and commissioned eight years ago, the BVR system that hosts the voter registration used during the election has never been hacked because the server has not been connected to the open Internet,” the statement said. Stated.
“In addition, the rest of the Commission’s entire internal network is behind a high-security firewall system.”
Authorities pledge action after complaints about political party “information leaks”
Possible sources of information
Chebukati said the data in question may have come from the entity that obtained the data by legitimate means.
The Constitution allows the IEBC to offer some of its voter registration for a fee (for certain constituencies).
“The Commission responds to a number of requests from various organizations that require the registration of voters in a particular constituency. These requests are the confidentiality of personally identifiable information when paying a particular fee. Will be processed in accordance with the privacy laws that require.
In 2019, the Orange Democratic Movement paid 15,000 silling as a registration fee for the Qibla constituency in Nairobi during the by-elections after the death of Congressman Ken Okoth.
The IEBC chair said, “What is currently being reported in the media is not the data obtained through hacking the BVR system, but may have been legally obtained from the Commission at the required fee through a formal request. It’s data from an entity. “
DCI claimed that Kiprop accessed the IEBC database and stole the personal information of 61,617 registered voters from a county in western Kenya.
The data he holds includes the names, ID numbers, and dates of birth of registered voters.
According to DCI boss George Kinoti, fraudsters contact various wireless operators and convince customer service agents that they are the true owners of the line.
If the sim swapping is successful, the suspect will be granted full access to the victim’s online account.
Kiprop, who previously worked for one of Kenya’s mobile networks, was arrested Friday morning and seized a jute bag full of Safaricom, Airtel and Telcom SIM cards.
The suspect was arrested in Juja by an investigator at the Criminology Research and Information Agency with the help of Safaricom’s fraud investigation team and security guards at Jomo Kenyatta University of Agricultural Technology.
Source link Kenya: IEBC denies server hacking claims and states that BVR systems are safe