The official website of the Independent National Electoral Commission (INEC) was hacked, igniting prior discussions online about the security of government websites in Nigeria and INEC’s in particular due to the sensitive nature of the data in their possession.
The hackers identified as Nigerian Cyber Army left a message saying the INEC site has been attacked by them claiming that its “security is just an illusion”.
However, what was hacked is their corporate website and is probably not connected to the massive database of voters across the country. The main cause of the hack is what is known as SQL Injection in the IT Industry.
SQL injection is a scenario in which a hacker writes a script which attacks a data-driven site and are used to insert a malicious entry into a database to execute a command. SQL injection mostly occurs when there are vulnerabilities in an application, in this case (WordPress). SQL injection is mostly known as an attack for web portals but can actually be used to attack any type of SQL database.
INEC later restored back the website.