The Ministry of Education has dismissed reports suggesting that the Nigeria Education Management Information System, NEMIS, was compromised by a cyber attack, insisting that the national education database remains secure and fully operational.
The ministry was reacting to a media report titled “Suspected Cyber attack Hits FG’s Education Data Platform,” which alleged that the government’s education data platform had been breached.
However, education authorities maintained that no such incident occurred and that the integrity of the system was never at risk.
In a statement on Tuesday by the Director of Press and Public Relations, Folasade Boriowo, the ministry described the report as misleading and inaccurate, stressing that NEMIS had neither been hacked nor subjected to any form of cyber intrusion.
According to the ministry, all data stored on the platform remains protected, with no disruption to its confidentiality, integrity, or availability.
The statement explained that the warning message encountered by some users stemmed from a Secure Sockets Layer, SSL, certificate configuration issue linked to the hosting environment rather than a security breach.
It clarified that while the technical fault temporarily affected secure access certification, it did not result in unauthorized access, loss of information, alteration of records, or exposure of sensitive data.
The ministry emphasized that the incident was strictly a technical challenge and bore no connection to malicious activity or system compromise.
It further disclosed that technical teams worked alongside the hosting service provider to address the configuration problem immediately after it was detected, leading to a swift restoration of normal services.
Following the intervention, the platform resumed normal operations and continues to be accessible to authorized users without any security concerns, the ministry said.
Addressing public concerns, the ministry noted that browser-generated SSL certificate warnings should not automatically be interpreted as evidence of a cyber attack.
It explained that such notifications can arise from routine maintenance issues, configuration errors, or certificate-related updates.
The statement also pointed to expert opinions referenced in the original report, noting that cybersecurity specialists generally recognize that security alerts do not always signify a successful breach or malicious intrusion.
While reaffirming its commitment to data protection, the ministry stated that NEMIS is supported by comprehensive security protocols, continuous system monitoring, infrastructure safeguards, and periodic security reviews designed to ensure the platform’s reliability and resilience.
