By Daily Review Online
The Independent National Electoral Commission (INEC) has commenced an investigation into allegations of unauthorized access to its Continuous Voter Registration (CVR) database and the disclosure of information relating to a candidate in a recent political party primary election in the Federal Capital Territory (FCT).
Recall that in a social media post, FCT Minister Nyesom Wike’s spokesman, Lere Olayinka had exposed access to what appeared to be INEC’s restricted voter registration database while criticizing actor-politician Emeka Ike’s voter transfer. The post reportedly contained screenshots showing detailed voter-transfer information and administrative timestamps, prompting questions about how a political aide obtained such data. Critics raised concerns about voter privacy, data security, and possible unauthorized access to electoral records.
In a statement issued on Tuesday, signed by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC). the Commission said it had taken the allegations seriously and immediately launched a thorough probe to establish the circumstances surrounding the incident.
According to INEC, authorized Registration Officers participating in the ongoing nationwide CVR exercise were granted controlled access to specific components of the registration system to enable them perform official duties such as registering new voters, processing transfer requests, and updating voter records. The Commission stressed that such access is strictly limited to official responsibilities and is withdrawn at the end of the exercise.
INEC disclosed that preliminary investigations and audit trails had enabled it to identify the user account through which the information was accessed. It added that relevant personnel had been questioned and that all units connected to the matter were cooperating with investigators.
The Commission said it was examining all technical, administrative, and operational factors related to the incident to determine individual responsibility, establish the circumstances under which the credentials were used, and identify any violations of internal access-control protocols.
However, INEC emphasized that its preliminary findings showed there was no external breach of the CVR database, no hacking incident, and no unauthorized external access to its information and communications technology infrastructure.
Rather, the Commission said the information was accessed using valid credentials assigned to personnel involved in the ongoing voter registration exercise and was subsequently released without authorization.
INEC further clarified that the incident involved the retrieval of a specific voter record and did not indicate any compromise of its broader voter registration infrastructure or the personal data of more than 90 million registered voters nationwide.
Reaffirming its commitment to safeguarding voter information, the Commission said it remained dedicated to maintaining the security, confidentiality, and integrity of voter data, as well as upholding transparency and institutional accountability.
INEC also revealed that the Department of State Services (DSS) had independently commenced an investigation into the matter. The Commission pledged full cooperation with security agencies and warned that anyone found culpable would face appropriate legal action.
The electoral body urged members of the public and the media to avoid speculation while investigations are ongoing, assuring Nigerians that it would make its final findings and any consequential measures public in due course.