'Hackers downloaded voters' personal data'

'Hackers downloaded voters' personal data'
Published: 13 July 2018
The Information Communication Technology  (ICT) and Cyber Security ministry has said personalised, unsolicited campaign messages sent to potential voters' mobile phones by the ruling party could have emanated from an unprotected voters' roll published on the Internet.

While the Zimbabwe Electoral Commission (Zec) has staunchly denied surreptitiously leaking voters' data to the ruling Zanu-PF party, opposition leader Nelson Chamisa - who staged a massive demonstration in the capital Harare yesterday - said Zec was working in cahoots with the ruling party to steal the vote and "has been caught with its hands in the cookie jar".

"There is no legal way for any political party to access voter phone numbers," Chamisa said.

ICT and Cyber Security minister Supa Mandiwanzira said yesterday his ministry is aware that Zec issued a protected copy of the roll while the one that has been published on the Internet is unprotected.

"Such data cannot and should not be made public without the permission of the voters themselves. Publication of physical addresses and phone numbers of voters without their authority is an abuse of the Internet just as it is unconstitutional," Mandiwanzira said in a statement.

The statement did not state how information on the Zec database was downloaded to the Internet by the unknown party.

There are questions why there was no password or authentication of any kind protecting the information.

This is the first time Zimbabwe's confidential electoral rolls have been discovered on the Internet.

Mandiwanzira said: "The ministry will not hesitate to take action against those found to be undermining the people's right to privacy. The ministry hereby warns those that are publishing the unprotected voters' roll and the Internet service provider hosting the site to cease their actions immediately. The ministry will not hesitate to take action against those found to be undermining the people's right to privacy."

The revelations raise questions whether the database containing sensitive personal details of over five million Zimbabwean voters is secure or not.

Two weeks ago, Zec chairperson Priscilla Chigumba said they were forced to tighten security to avoid disruption of the biometric voter registration (BVR) servers after there were attempts to hack into the system.

The hackers did not succeed, according to Chigumba.

On Monday, Chigumba denied Zec had given personal information of voters to Zanu-PF but promised to conduct an investigation to ascertain what really happened.

Zec commissioner Qhubani Moyo suggested that mobile network operators could have sold the customer data to Zanu-PF but Econet Wireless quickly refuted Zec's statements saying that it doesn't sell or give customer data to any third parties except to Potraz as part of the regulatory requirements. The State-run Telecel and NetOne have remained mum.

Potraz also joined the bandwagon saying they did not share any subscriber information with third parties as alleged by Zec.

International Crisis Group's senior consultant for Southern Africa, Piers Pigou, said there was no smoke without fire.

"What are the implications of this breach of private data? Especially in a context where the legacies of fear and suspicion run so deep," he pondered.

Chamisa said the targeted campaign messaging is the biggest political scandal of the year considering that Zec is supposed to guarantee the privacy of voters and called for a full-fledged investigation to establish how Zanu-PF ended with cell phone numbers of registered voters.

"Zec has become an extension of Zanu-PF. It is surprising that those in Zanu-PF have become spokespersons of Zec, we have the likes of Pupurai Togarepi and Simon Khaya Moyo defending Zec. We have established that there is some sharing of data between Zanu-PF and Zec, and we want that investigated," said Chamisa.

Zanu-PF's spokesperson Simon Khaya Moyo has said on Tuesday that the ruling party has no issue with Zec and was never given a voters' roll with contacts details of registered voters.

"This is absolutely nonsense, Zec is an independent body, they are not part of our structures, we are not going to get into a corner with them, why should we?" asked Khaya Moyo.

Asked how Zanu-PF candidates ended up having contact details of registered voters in particular constituencies, Khaya Moyo said "why don't you ask them".
- dailynews
Tags: Hackers,


Latest News

Latest Published Reports

Latest jobs