The Independent National Electoral Commission (INEC) has dismissed reports suggesting that its Continuous Voter Registration (CVR) database was hacked, revealing instead that information linked to a candidate in a recent political party primary election in the Federal Capital Territory was accessed using valid staff credentials and released without authorization.
In a statement issued on Tuesday, INEC said it had commenced a comprehensive investigation into allegations of unauthorized access to its voter registration database following the circulation of information relating to a candidate on social media and in sections of the media.
The Commission explained that authorized registration officers participating in the ongoing nationwide Continuous Voter Registration exercise were granted controlled access to specific sections of the CVR system strictly for official duties such as registering new voters, processing transfers, and updating voter records.
According to INEC, preliminary findings from its audit trail identified the specific user account through which the information was accessed. Relevant personnel have since been questioned, while all units connected to the incident are cooperating with investigators.
The electoral body stressed that its findings so far show there was no external breach of the CVR database, no hacking incident, and no unauthorized access to its ICT infrastructure.
“Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority,” the Commission stated.
INEC further clarified that the incident involved the retrieval of a specific voter record and did not compromise the broader voter registration infrastructure or the personal data of more than 90 million registered voters across the country.
The Commission said it is examining all technical, administrative, and operational factors surrounding the incident to establish responsibility, determine whether internal access-control protocols were violated, and take appropriate disciplinary or legal action where necessary.
Reaffirming its commitment to data protection, INEC said the security, confidentiality, and integrity of voter information remain a top priority.
Meanwhile, the Department of State Services (DSS) has also commenced an independent investigation into the matter. INEC pledged full cooperation with security agencies and vowed to prosecute anyone found culpable.
The Commission urged Nigerians and media organizations to avoid speculation while investigations continue, assuring the public that it would disclose its final findings and any corrective measures taken upon completion of the probe.
The statement was signed by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee.
