ISLAMABAD: The National Database and Registration Authority (NADRA) on Tuesday denied data breach allegations.
A day after a letter by the Election Commission of Pakistan (ECP) criticised NADRA for a potential threat to security data related to computerised electoral rolls system (CERS) surfaced, NADRA officials claimed the authority did not share sensitive data.
Addressing a press conference in Islamabad, the four director generals of the authority asserted that the allegations of data leakage were baseless. “There has never been a data breach in the history of NADRA. We have never shared any citizen’s data with anyone,” said an official. He added that the ECP had also clarified that the letter did not hint at a security breach.
Earlier in the day, a NADRA official told Radio Pakistan that some data had been shared with media persons under the Right to Information law. However, he stressed that the information was unrelated to electoral rolls and did not contain any personal data. “The information shared only contained statistical numbers about gender, minorities and age-groups of CNIC holders,” he said.
In the aforementioned letter, the ECP showed reservations on reports being leaked to media. “There are insiders who have crept into the system and provided information to outsiders.”
The commission said the report had been shared with non-recipients even before it was submitted to ECP. “It also supports apprehensions that other data related to voters might have also been shared with unauthorised hands when such detailed reports are being shared.”
As the letter garnered attention, the ECP said the letter was about the publication of electoral lists in newspapers. It dismissed reports of seeking clarification of data leaks from NADRA over a request made by Pakistan Tehreek-e-Insaf (PTI).