The Independent National Electoral Commission (INEC) has launched an investigation into allegations of unauthorized access to its Continuous Voter Registration (CVR) database following the circulation of information relating to a candidate who participated in the recent primaries of a political party in the Federal Capital Territory (FCT).
In a statement issued on Tuesday by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC), the Commission said it became aware of reports circulating on social media and in parts of the media alleging that information had been improperly obtained from its voter registration database.
INEC stated that it treats the matter with utmost seriousness and has commenced a comprehensive investigation to determine the circumstances surrounding the incident.
According to the Commission, authorized Registration Officers participating in the ongoing nationwide CVR exercise were granted controlled access to specific components of the registration system for official purposes, including registering new voters, processing transfer requests, and updating voter records. Such access, INEC noted, is limited strictly to official duties and withdrawn once the exercise concludes.
The Commission disclosed that preliminary findings from its audit trail have enabled investigators to identify the user account through which the information was accessed. Relevant personnel have since been questioned, while all units connected to the matter are cooperating with the ongoing investigation.
INEC said it is examining the technical, administrative, and operational aspects of the incident to establish individual responsibility and determine whether any internal access-control protocols were breached before appropriate disciplinary or legal actions are taken.
However, the Commission emphasized that preliminary investigations show there was no external breach of its database, no hacking incident, and no unauthorized access to its ICT infrastructure from outside the organization. Rather, the information was reportedly accessed using valid credentials assigned to personnel involved in the current CVR exercise and subsequently disclosed without authorization.
The Commission further clarified that the incident involved the retrieval of a specific voter record and does not suggest any compromise of the broader voter registration infrastructure or the personal data of more than 90 million registered voters.
Reaffirming its commitment to data protection, INEC stated that it remains dedicated to safeguarding the security, confidentiality, and integrity of voter information while upholding transparency and institutional accountability.
The statement also revealed that the Department of State Services (DSS) has independently commenced an investigation into the matter. INEC pledged full cooperation with security agencies and warned that any individual found culpable would face appropriate legal consequences.
The Commission urged members of the public and media organizations to avoid speculation while investigations are ongoing, assuring Nigerians that its final findings and any measures taken in response to the incident will be made public in due course.
About The Author
