The electoral agency Sunday refuted claims that hackers infiltrated its servers and obtained the personal details of at least 61,000 registered voters.
Earlier, the Directorate of Criminal Investigations (DCI) said it had arrested a 21-year-old fraud suspect said to have hacked into the servers of the Independent Electoral and Boundaries Commission (IEBC).
The suspect, identified by the DCI only as Kiprop, is said to be the brains behind a high tech mobile phone scam syndicate that has been stealing millions of shillings from M-Pesa agents across the country.
In a statement on Sunday, however, IEBC chairman Wafula Chebukati said these reports were not factual.
Mr Chebukati explained that the register of voters is kept in a Biometric Voter Registration (BVR) system, which he said has never been tampered with since it was installed eight years ago.
According to Mr Chebukati, the BVR system was designed to have its own isolated network making it difficult for hackers to infiltrate it.
“Since installation and commissioning of the system eight years ago, the BVR system that hosts the register of voters used during elections has never been hacked because the servers are not connected to the open internet,” the statement said.
“In addition, the rest of the commission’s entire internal network is behind a high security firewall system.”
Possible sources
Mr Chebukati said the data in question could have been obtained from entities that acquired it through legitimate means.
The Constitution allows the IEBC to give part of the register of voters – for specific electoral areas – at a fee.
“The commission services numerous requests by various entities requiring the register of voters for specific electoral areas. These requests are serviced upon payment of certain fees and in accordance with privacy laws requiring personally identifiable information to be kept confidential.
In 2019, the Orange Democratic Movement paid Sh15,000 for the register for Kibra Constituency, Nairobi, during a by-election that followed the death of MP Ken Okoth.
The IEBC chair said: “What is currently being reported in the media is not data obtained through hacking of the BVR system but possibly from entities that may have legitimately obtained it from the commission through formal requests and upon payment of requisite fees.”
Credit: Source link