INEC looks into unauthorized access to voter database

The Independent National Electoral Commission (INEC) has started looking into claims of unauthorized access to its Continuous Voter Registration (CVR) database. There are also allegations about the leaking of personal information of a candidate from a recent political party primary election in the Federal Capital Territory (FCT). The commission shared this news in a statement on Tuesday from Mohammed Kudu Haruna, who is the National Commissioner and Chairman of its Information and Voter Education Committee (IVEC).

INEC said it takes these allegations seriously. The commission is launching a full investigation to find out what really happened. It noted that authorized registration officers involved in the ongoing CVR exercise have controlled access to certain parts of the registration system. This access allows them to register new applicants, handle transfer requests, and update voter records. INEC made it clear that this access is only for official work and is taken away at the end of each day's activities.

The commission also reported that its preliminary checks have helped identify the specific user account that was used to compromise the information. Relevant staff have been questioned, and the teams involved are cooperating fully with the investigation. INEC is looking at all technical, administrative, and operational issues related to the incident to determine who is responsible and how the misuse of credentials happened. They are also checking if there was any breach of their internal access-control protocols.

But INEC emphasized that initial findings show there was no external breach of the CVR database. There was no hacking or unauthorized access to its information technology systems. Instead, INEC confirmed that the data was accessed using valid credentials assigned to internal staff, which were later leaked without permission. "The incident under investigation relates to the unauthorized retrieval of a single, specific voter record and does not indicate any compromise of the commission’s broader voter registration infrastructure or the personal data of over 90 million registered voters," the statement said.

INEC assured Nigerians that it is committed to the safety, confidentiality, and integrity of voter data. The commission promised to remain open and protect personal information. It also mentioned that the Department of State Services (DSS) has started an independent investigation into the issue. INEC stressed that it will work with state security agencies and will not hesitate to send anyone found guilty for criminal prosecution. The commission urged the public and the media to ignore ongoing rumors while the investigation is ongoing. They promised to share their final findings and any disciplinary actions once the probe is complete.