ENUGU, Nigeria (VOICE OF NAIJA)- The Independent National Electoral Commission (INEC) has revealed that a member of its staff with authorised access to the Continuous Voter Registration (CVR) database is at the centre of an investigation into the unauthorised release of a voter record belonging to a candidate in a recent political party primary in the Federal Capital Territory (FCT).
INEC disclosed the development on Tuesday in a statement issued by the National Commissioner and Chairman of the Information and Voter Education Committee, Mohammed Kudu Haruna, following widespread allegations on social media and in sections of the media suggesting that the commission’s voter database had been compromised.
The electoral body also confirmed that the Department of State Services (DSS) has launched a parallel investigation into the incident.
According to Haruna, preliminary findings from INEC’s internal audit trail showed that the voter database was not hacked and that there was no external breach of the commission’s information technology infrastructure.
READ ALSO: INEC Debunks Reports Of 2027 Election Timetable Release
“Preliminary findings from the Commission’s audit trail so far indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorised external access to the Commission’s ICT infrastructure. Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority,” Haruna stated.
INEC explained that registration officers involved in the nationwide Continuous Voter Registration exercise were granted controlled access to specific sections of the database solely for official functions, including registering new voters, processing transfer requests and updating voter records.
The commission stressed that such access is restricted to designated duties and can be withdrawn at the conclusion of the exercise.
Haruna said the commission’s audit trail enabled investigators to identify the exact user account through which the voter record was retrieved.
He disclosed that relevant personnel had already been questioned, while all departments linked to the incident were cooperating fully with ongoing investigations.
INEC further stated that investigators were examining every technical, operational and administrative aspect of the case to determine individual responsibility and establish whether any internal access-control procedures were violated.
Addressing concerns about the scale of the breach, the commission maintained that only one voter record was accessed and disclosed without authorisation, assuring Nigerians that the personal data of more than 90 million registered voters remained secure.
READ ALSO: Double Voter Registration Attracts Jail Term – INEC
INEC added that the integrity of the country’s wider voter registration infrastructure had not been compromised.
The commission also disclosed that the DSS initiated its own independent investigation into the matter without any request from INEC.
Haruna said the electoral body would fully cooperate with the DSS and all other relevant security agencies, warning that any individual found culpable would face prosecution.
INEC urged members of the public and media organisations to avoid speculation while investigations continue.
The commission also pledged to make public its final findings and any corrective measures taken once all investigations have been concluded.