The Independent National Electoral Commission (INEC) has launched an investigation into allegations of unauthorized access and disclosure of information from its Continuous Voter Registration (CVR) database.
The commission disclosed this in a statement issued by Mohammed Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC), on Tuesday in Abuja.
Reports claimed that voter data of a candidate in the recent Federal Capital Territory (FCT) party primaries was leaked using official access credentials. INEC’s preliminary findings showed no evidence of an external cyber-attack, but the commission took the allegation seriously and has begun a thorough investigation to establish the facts.
Haruna explained that, as part of the ongoing nationwide CVR exercise, authorized INEC Registration Officers had controlled access to specific parts of the CVR system. This access was meant for registering new voters, processing transfer requests, and updating records, and was restricted to official duties only. Such access was revoked after the exercise.
The preliminary investigation’s audit trail allowed the commission to identify the user account responsible for the data access. Relevant personnel have been questioned, and all involved units are cooperating fully.
The commission is examining all technical, administrative, and operational factors to establish individual responsibility and determine the circumstances surrounding the credential use. The investigation aims to confirm whether there was a breach of internal access protocols.
Haruna stated that early findings indicate there was no external breach, hacking, or unauthorized external access. The data was accessed using valid user credentials assigned to personnel involved in the CVR exercise, but these credentials were released without proper authority.
The incident involved retrieval of a specific voter record and did not affect the broader voter registration system or the personal data of over 90 million registered voters.
INEC emphasizes that it takes the security and confidentiality of voter data very seriously and remains committed to transparency and protecting voters’ information. The Department of State Services (DSS) has also initiated an independent investigation.
The commission will continue to cooperate with security agencies and will take legal action against anyone found culpable. It urges the public and media to disregard unfounded speculation during the investigation and promises to update the public on final findings and measures taken.
