‘Hackers downloaded voters’ personal data’ 

Source: ‘Hackers downloaded voters’ personal data’ – DailyNews Live

Farayi Machamire      12 July 2018

HARARE – The Information Communication Technology  (ICT) and Cyber
Security ministry has said personalised, unsolicited campaign messages
sent to potential voters’ mobile phones by the ruling party could have
emanated from an unprotected voters’ roll published on the Internet.

While the Zimbabwe Electoral Commission (Zec) has staunchly denied
surreptitiously leaking voters’ data to the ruling Zanu PF party,
opposition leader Nelson Chamisa – who staged a massive demonstration in
the capital Harare yesterday – said Zec was working in cahoots with the
ruling party to steal the vote and “has been caught with its hands in the
cookie jar”.

“There is no legal way for any political party to access voter phone
numbers,” Chamisa said.

ICT and Cyber Security minister Supa Mandiwanzira said yesterday his
ministry is aware that Zec issued a protected copy of the roll while the
one that has been published on the Internet is unprotected.

“Such data cannot and should not be made public without the permission of
the voters themselves. Publication of physical addresses and phone numbers
of voters without their authority is an abuse of the Internet just as it
is unconstitutional,” Mandiwanzira said in a statement.

The statement did not state how information on the Zec database was
downloaded to the Internet by the unknown party.

There are questions why there was no password or authentication of any
kind protecting the information.

This is the first time Zimbabwe’s confidential electoral rolls have been
discovered on the Internet.

Mandiwanzira said: “The ministry will not hesitate to take action against
those found to be undermining the people’s right to privacy. The ministry
hereby warns those that are publishing the unprotected voters’ roll and
the Internet service provider hosting the site to cease their actions
immediately. The ministry will not hesitate to take action against those
found to be undermining the people’s right to privacy.”

The revelations raise questions whether the database containing sensitive
personal details of over five million Zimbabwean voters is secure or not.

Two weeks ago, Zec chairperson Priscilla Chigumba said they were forced to
tighten security to avoid disruption of the biometric voter registration
(BVR) servers after there were attempts to hack into the system.

The hackers did not succeed, according to Chigumba.

On Monday, Chigumba denied Zec had given personal information of voters to
Zanu PF but promised to conduct an investigation to ascertain what really
happened.

Zec commissioner Qhubani Moyo suggested that mobile network operators
could have sold the customer data to Zanu PF but Econet Wireless quickly
refuted Zec’s statements saying that it doesn’t sell or give customer data
to any third parties except to Potraz as part of the regulatory
requirements. The State-run Telecel and NetOne have remained mum.

Potraz also joined the bandwagon saying they did not share any subscriber
information with third parties as alleged by Zec.

International Crisis Group’s senior consultant for Southern Africa, Piers
Pigou, said there was no smoke without fire.

“What are the implications of this breach of private data? Especially in a
context where the legacies of fear and suspicion run so deep,” he
pondered.

Chamisa said the targeted campaign messaging is the biggest political
scandal of the year considering that Zec is supposed to guarantee the
privacy of voters and called for a full-fledged investigation to establish
how Zanu PF ended with cell phone numbers of registered voters.

“Zec has become an extension of Zanu PF. It is surprising that those in
Zanu PF have become spokespersons of Zec, we have the likes of Pupurai
Togarepi and Simon Khaya Moyo defending Zec. We have established that
there is some sharing of data between Zanu PF and Zec, and we want that
investigated,” said Chamisa.

Zanu PF’s spokesperson Simon Khaya Moyo has said on Tuesday that the
ruling party has no issue with Zec and was never given a voters’ roll with
contacts details of registered voters.

“This is absolutely nonsense, Zec is an independent body, they are not
part of our structures, we are not going to get into a corner with them,
why should we?” asked Khaya Moyo.

Asked how Zanu PF candidates ended up having contact details of registered
voters in particular constituencies, Khaya Moyo said “why don’t you ask
them”.