INEC looks into voter data leak linked to Wike's aide

The Independent National Electoral Commission (INEC) has finally spoken about the issue involving Lere Olayinka, who is the spokesman for the Federal Capital Territory (FCT) Minister, Nyesom Wike.

Olayinka had mocked Nollywood actor Emeka Ike for registering in Imo State and moving his registration to the FCT on May 15. He shared two images in his post, which many social media users claimed had details taken from INEC’s admin login page.

The issue gained attention after Ike showed interest in running for the House of Representatives for the AMAC/Bwari Federal Constituency in the FCT under the Nigerian Democratic Congress (NDC). The situation raised a lot of questions as people wondered how the information got leaked from INEC's admin page.

On Tuesday, Mohammed Kudu Haruna, the National Commissioner and Chairman of the Information and Voter Education Committee, announced that an investigation is in progress.

The statement mentioned that Olayinka did not have direct access to the information but got it from people who did. "The attention of the Independent National Electoral Commission (INEC) has been drawn to allegations currently circulating on social media and in some sections of the media regarding the alleged unauthorised access to the Commission’s Continuous Voter Registration (CVR) database and the subsequent publication of information on a candidate in the recent primaries of a political party in the Federal Capital Territory."

He added, "The Commission takes this allegation seriously and has immediately commenced a thorough investigation to establish the facts surrounding the incident."

The statement explained that during the ongoing Continuous Voter Registration (CVR) exercise across the country, authorized INEC Registration Officers were given limited access to parts of the CVR system. This access helps them register new voters, process transfer requests, and update voter records when needed. Such access is only for official duties, and it is taken away when the exercise ends.

"The audit trail from the preliminary investigation has enabled the Commission to identify the user account through which the information was accessed. Accordingly, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation."

The Commission is looking into all technical, administrative, and operational factors related to the issue. They want to find out who is responsible and the circumstances around the use of those credentials. They aim to find any breach of internal access-control rules before taking action against anyone involved.

So far, preliminary findings show that there was no outside breach of the CVR database, no hacking, and no unauthorized external access to INEC’s ICT systems. Instead, the information was accessed using valid user credentials given to staff involved in the ongoing CVR exercise but was shared without permission.

"The incident under investigation relates to the retrieval of a specific voter record and does not indicate any compromise of the Commission’s broader voter registration infrastructure or the personal data of over 90 million registered voters."

INEC stressed that it takes the security, confidentiality, and integrity of voter data very seriously. They remain committed to being transparent and protecting voters’ personal information.

In addition, the Department of State Services (DSS) has started its own independent investigation into the matter. INEC will work with all relevant security agencies and will refer anyone found guilty for legal action.

The public and media are encouraged to ignore baseless speculations while the investigation is ongoing. INEC will keep everyone updated on their final findings and any actions taken in response to this incident.