The Independent Electoral and Boundaries Commission (IEBC) on Sunday refuted reports by the Directorate of Criminal Investigations (DCI) on alleged hacking of the electronic voter register.
The commission was responding to reports on the arrest of a 21-year-old suspect, and a former telco staff on accusations of hacking into the IEBC database. DCI said the suspect acquired personal data of of 61,167 registered voters from a county in Western Kenya.
According to the DCI, the suspect was using the fraudulently acquired data to swindle mobile money users as well as mobile money agents.
The Commission’s Chairperson Wafula Chebukati however said the Biometric Voter Registration system is delinked from the open internet, and hence can’t be compromised.
“The BVR has been designed to have its own isolated network, set of servers as well as user account directory to ensure integrity, confidentiality and high availability,” stated Chebukati.
Chebukati said that the BVR system has never been hacked since its installation and commissioning.
He further explained that the data could have been possibly been obtained from entities that may have legitimately obtained the register from the Commission through a formal request.
“The Commission services numerous requests by various entities requiring register of voters from specific electoral areas. These requests are serviced upon payment of certain fees and in accordance with privacy laws requiring personally identifiable information to be kept confidential,” he said.
