This archive report was first published on 18 July 2021.
On July 18, 2021, the Independent Electoral and Boundaries Commission (IEBC) responded to reports by the Directorate of Criminal Investigations (DCI) on alleged hacking of the electronic voter register.
The DCI had reported the arrest of a 21-year-old suspect and a former telco staff on accusations of hacking into the IEBC database. The suspect allegedly acquired personal data of 61,167 registered voters from a county in Western Kenya.
According to the DCI, the suspect was using the fraudulently acquired data to swindle mobile money users as well as mobile money agents.
However, IEBC Chairperson Wafula Chebukati denied the allegations, stating that the Biometric Voter Registration system is delinked from the open internet and cannot be compromised.
"The BVR has been designed to have its own isolated network, set of servers as well as user account directory to ensure integrity, confidentiality and high availability," Chebukati explained.
Chebukati further stated that the BVR system has never been hacked since its installation and commissioning.
He suggested that the data could have been obtained from entities that may have legitimately obtained the register from the Commission through a formal request.