FG dismisses report of cyberattack on education data platform

The Federal Ministry of Education has firmly denied recent reports alleging a cyberattack on the Nigeria Education Management Information System (NEMIS) platform. The ministry issued a statement on Tuesday, signed by Folasade Boriowo, Director of Press and Public Relations, to address the claims, describing the reports as "inaccurate and misleading."

“

The Ministry wishes to categorically state that the report is inaccurate and misleading. At no time was the NEMIS platform hacked, breached, or subjected to any cyberattack. The integrity, confidentiality, and availability of data on the platform remain fully intact.

According to the ministry, the platform was not hacked, breached, or subjected to any cyberattack. Officials explained that a temporary warning message encountered by some users was caused by a technical issue related to an SSL (Secure Sockets Layer) certificate configuration at the hosting level. This issue affected the platform's secure access certification but did not lead to any unauthorized access, data loss, alteration of records, or exposure of sensitive information.

The ministry emphasized that the incident was purely technical and that its technical team collaborated with the hosting service provider to resolve the matter promptly. Normal service operations have been restored, and the NEMIS platform remains fully functional, secure, and accessible to authorized users. The statement also clarified that browser security warnings or SSL certificate alerts should not be automatically interpreted as evidence of a cyberattack, as they can stem from routine technical or configuration problems.

“

The incident was purely technical in nature and did not involve any unauthorised access to the system, data loss, data alteration, or exposure of sensitive information.

NEMIS is highlighted as a crucial digital platform supporting the collection, management, and utilization of education data across Nigeria. The ministry reiterated its commitment to safeguarding the platform's operations through robust security measures, regular monitoring, infrastructure safeguards, and periodic security assessments.

“

It is important to note that browser security warnings or SSL certificate-related alerts do not, in themselves, constitute evidence of a cyberattack or data breach.