By Our Reporter
The Independent National Electoral Commission (INEC) has commenced an investigation into allegations of unauthorized access to its Continuous Voter Registration (CVR) database and the subsequent disclosure of information relating to a candidate in a recent political party primary election in the Federal Capital Territory (FCT).
In a statement signed by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC) said the Commission said it had taken the allegations seriously and immediately launched a thorough investigation to establish the facts surrounding the incident.
INEC explained that as part of the ongoing nationwide Continuous Voter Registration exercise, authorized registration officers were granted controlled access to specific components of the CVR system to register new applicants, process transfer requests, and update voter records where necessary.
The Commission emphasized that such access is strictly limited to official duties and is withdrawn at the conclusion of the exercise.
According to the statement, preliminary findings from the Commission’s audit trail have enabled investigators to identify the user account through which the information was accessed.
“As a result, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation,” the Commission stated.
INEC said it is also examining the technical, administrative, and operational circumstances surrounding the use of the credentials in order to establish individual responsibility and determine whether any internal access-control protocols were violated.
However, the electoral body clarified that its preliminary audit findings indicate there was no external breach of the CVR database, no hacking incident, and no unauthorized access to its Information and Communication Technology (ICT) infrastructure.
Rather, it said the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but was subsequently released without authorization.
The Commission further noted that the incident relates only to the retrieval of a specific voter record and does not suggest any compromise of the broader voter registration infrastructure or the personal data of more than 90 million registered voters nationwide.
Reaffirming its commitment to data security, INEC said it treats the confidentiality, integrity, and protection of voter information with utmost seriousness.
The Commission also disclosed that the Department of State Services (DSS) has independently commenced an investigation into the matter.
It pledged full cooperation with security agencies and vowed to ensure that any individual found culpable would face appropriate legal action.
INEC urged members of the public and the media to disregard speculation while investigations are ongoing, assuring Nigerians that it would make its final findings and any actions taken public in due course.
