The Independent National Electoral Commission (INEC) has responded to reports alleging unauthorised access to its Continuous Voter Registration (CVR) database and the subsequent disclosure of voter information linked to a political party’s primary election in the Federal Capital Territory.
In a statement issued by the National Commissioner and Chairman, Information and Voter Education Committee, Mohammed Kudu Haruna, the Commission said it has launched a full investigation into the incident, which has circulated widely on social media and in parts of the press.
INEC explained that during the ongoing CVR exercise, designated registration officers were granted controlled and role-specific access to the system strictly for official duties such as registering new voters, processing transfers, and updating records. The Commission noted that such access is routinely withdrawn after the exercise.
According to preliminary findings, audit trails have identified the user account through which the disputed information was accessed, and relevant personnel have been interrogated as part of ongoing inquiries. The Commission added that all affected units are cooperating with investigators.
INEC stated that it is currently examining technical, administrative and operational procedures to determine whether internal access-control protocols were breached and to establish individual responsibility where applicable.
However, the Commission stressed that early investigations indicate there was no external breach of its database, no hacking incident, and no unauthorised intrusion into its ICT infrastructure. It clarified that the data in question was accessed using valid internal credentials issued to authorised personnel involved in the CVR exercise, but allegedly released without authorisation.
INEC further noted that the incident relates only to the retrieval of a specific voter record and does not suggest any compromise of the broader voter database or the personal data of more than 90 million registered voters.
Reaffirming its commitment to data security and institutional integrity, the Commission said it treats the confidentiality of voter information with the highest level of seriousness and will take appropriate disciplinary and legal action against anyone found culpable.
It also confirmed that the Department of State Services (DSS) has independently commenced an investigation into the matter, and assured that it will fully cooperate with all security agencies.
INEC urged the public and media to avoid speculation while investigations are ongoing, adding that further updates will be provided upon conclusion of inquiries and determination of appropriate sanctions.
