Nigeria’s federal government dismisses system breach reports in Nigeria’s Integrated Personnel and Payroll Information System (IPPIS).
The statement, signed by Bawa Mokwa, Director of Press and Public Relations at the OAGF, reassured Nigerian civil servants that their data remains safe and the system’s security has not been compromised.
The concerns about data vulnerability arose from recent media reports alleging that the payroll validation section of the IPPIS website had been hijacked, leading to the suspension of some staff of the OAGF.
These reports suggested that the expired security certificate of the website may have left employees’ information at risk of being accessed by hackers, leaving workers vulnerable to issues like phishing and unauthorised salary deductions.
However, the OAGF categorically denied these claims, clarifying that no sensitive information is stored on the website and that IPPIS operations are securely managed through a separate platform.
In its official response, the OAGF, which manages the IPPIS alongside other financial management initiatives, explained that the IPPIS website is solely used for sharing information, not for handling payroll transactions or storing personal data.
“The website is the medium to share information. Neither payroll nor payment is made through the website; therefore, no data is contained in the website,” part of the statement read.
OAGF assurance
The OAGF assured that Nigeria’s IPPIS is backed by a comprehensive ICT security policy that aligns with global cybersecurity best practices and ensures the protection of digital assets, guarding against unauthorised access and data breaches.
Per the OAGF, a secure platform and database, procured from HELIX-FONS, were used to support the payroll validation process, which has since been concluded and the portal was permanently shut down.
This comes in the wake of a broader concern about government IT security and efficiency, especially regarding how it protects personnel and citizens’ information across the country.
Read Also: LabLabee Closes $3.4M Seed to Expand its Offerings
For example, in June 2024, a digital rights company accused AnyVerify of selling sensitive Nigerian data, including the National Identity Number (NIN), online for ₦100. A few days later, the National Identity Management Commission (NIMC) flagged five websites for allegedly obtaining Nigerians’ data without permission.
Given IPPIS’s crucial role in ensuring prompt payment of salaries, the allegations of data breaches or malfunctions naturally raised alarm among civil servants.
Leave a comment and follow us on social media for more tech news:
- Facebook: Today Africa
- Instagram: Today Africa
- Twitter: Today Africa
- LinkedIn: Today Africa
- YouTube: Today Africa Studio