News / National
Zimbabwe electoral body's database hacked
19 Jul 2018 at 01:33hrs | Views
UNDERFIRE Zimbabwe Electoral Commission (Zec) chairperson Justice Priscilla Chigumba has sensationally claimed that suspected hackers recently broke into the electoral management body's database and stole crucial information on the biometric voters' roll, escalating fears of electoral manipulation ahead of the polls.
The development comes in the wake of publication of a report by an independent data management team exposing irregularities, errors and omissions on the voters' roll, which threatens the credibility of the polls, which are just a few days away.
Chigumba told local radio station StarFM on Monday that the hackers cloned the commission's domain, which hosted the voters' roll complete with phone numbers and splashed the data on the internet.
"That was a serious cyber security breach. They actually cloned our site and we are in the process of doing something about it and we should have that site taken down in the course of the week," she said.
"The host is UK-based, so it's not actually in Zimbabwe. So we can't use any of our local laws to bring it down, but we are trying our best."
The development raises further concerns over the credibility of the voters' roll and security of the ballot considering that the biometric voters' data captured by Zec during the voter registration included personal details such as fingerprints, pictures, addresses, cellphone numbers, national identity numbers and physical addresses.
The alleged security breach came after Zec was warned by biometric voter registration kits suppler Laxton Group Limited that such security breaches were possible.
"Allowing this data to go through multiple systems and companies will create obvious issues and open up holes for data breach," Laxton Group warned in a security report dated June 6, 2017.
Chigumba made the disclosure after she was accused of leaking voters' personal phone number to the ruling Zanu-PF party.
Initially, Zec accused telecommunications service providers and retail shops of supplying the numbers to the ruling party.
Chigumba said they had now roped in ICT minister Supa Mandiwanzira to assist with the investigations.
"It's not in our interest to give out our database to anybody because it exposes the commission to lawsuits. In fact, to be honest with you, my name is on that voters' roll, the names of my children are on that voters' roll," she said.
Mandiwanzira last week said: "This cyber security breach is unacceptable. The ministry is aware that Zec issued a protected copy of the roll while the one that has been published on the internet is unprotected. Such data cannot and should not be made public without permission of the voters themselves."
But political analyst Ibbo Mandaza rubbished claims that Zec could have been hacked, saying Zec was trying to cover up and clear its soiled image.
"It shows that Zec is not in control or ready for the elections. The military is in charge like it has always been in the past 18 years. So people are right in being suspicious over the leak. It's not by accident, it's a process," he said.
Meanwhile, Team Pachedu, which recently conducted its own external audit of the voters' roll, this week gave Zec an adverse report of its findings.
Zec director of public relations Justin Manyau confirmed receipt of the report and said it had been forwarded to the body's technical team.
The development comes in the wake of publication of a report by an independent data management team exposing irregularities, errors and omissions on the voters' roll, which threatens the credibility of the polls, which are just a few days away.
Chigumba told local radio station StarFM on Monday that the hackers cloned the commission's domain, which hosted the voters' roll complete with phone numbers and splashed the data on the internet.
"That was a serious cyber security breach. They actually cloned our site and we are in the process of doing something about it and we should have that site taken down in the course of the week," she said.
"The host is UK-based, so it's not actually in Zimbabwe. So we can't use any of our local laws to bring it down, but we are trying our best."
The development raises further concerns over the credibility of the voters' roll and security of the ballot considering that the biometric voters' data captured by Zec during the voter registration included personal details such as fingerprints, pictures, addresses, cellphone numbers, national identity numbers and physical addresses.
The alleged security breach came after Zec was warned by biometric voter registration kits suppler Laxton Group Limited that such security breaches were possible.
"Allowing this data to go through multiple systems and companies will create obvious issues and open up holes for data breach," Laxton Group warned in a security report dated June 6, 2017.
Chigumba made the disclosure after she was accused of leaking voters' personal phone number to the ruling Zanu-PF party.
Initially, Zec accused telecommunications service providers and retail shops of supplying the numbers to the ruling party.
Chigumba said they had now roped in ICT minister Supa Mandiwanzira to assist with the investigations.
"It's not in our interest to give out our database to anybody because it exposes the commission to lawsuits. In fact, to be honest with you, my name is on that voters' roll, the names of my children are on that voters' roll," she said.
Mandiwanzira last week said: "This cyber security breach is unacceptable. The ministry is aware that Zec issued a protected copy of the roll while the one that has been published on the internet is unprotected. Such data cannot and should not be made public without permission of the voters themselves."
But political analyst Ibbo Mandaza rubbished claims that Zec could have been hacked, saying Zec was trying to cover up and clear its soiled image.
"It shows that Zec is not in control or ready for the elections. The military is in charge like it has always been in the past 18 years. So people are right in being suspicious over the leak. It's not by accident, it's a process," he said.
Meanwhile, Team Pachedu, which recently conducted its own external audit of the voters' roll, this week gave Zec an adverse report of its findings.
Zec director of public relations Justin Manyau confirmed receipt of the report and said it had been forwarded to the body's technical team.
Source - newsday