The Independent National Electoral Commission (INEC) has commenced a comprehensive investigation into allegations surrounding the unauthorised release of voter information, assuring Nigerians that there is no evidence of a cyberattack or compromise of its voter registration database.

In a press statement on Tuesday,  the commission said it treated the allegation with utmost seriousness and had immediately activated internal procedures to determine the circumstances that led to the incident.

According to INEC, authorised registration officers participating in the ongoing Continuous Voter Registration (CVR) exercise were granted limited access to designated sections of the registration system to perform official functions, including new voter registration, transfer requests and updates to voter records. The commission explained that such access is strictly tied to official responsibilities and is withdrawn once the exercise concludes.

READ ALSO:

The electoral body disclosed that its preliminary audit trail had already identified the user account through which the information was accessed.

As a result, relevant personnel have been questioned, while departments connected to the matter are cooperating with investigators.

INEC said it was examining the technical, operational and administrative aspects of the incident to determine individual responsibility, establish how the credentials were used and identify any violations of internal access-control procedures.

The commission stressed that initial findings indicated the incident did not result from an external attack on its systems.

“Preliminary findings from the Commission’s audit trail so far, however, indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorised external access to the Commission’s ICT infrastructure. Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority.”

INEC further clarified that the matter under investigation relates only to the retrieval of a specific voter record and does not suggest any compromise of its broader voter registration infrastructure or the personal information of more than 90 million registered voters.

The commission said it remained dedicated to transparency, accountability and the protection of personal data.

“The Commission wishes to state categorically that it takes the security, confidentiality and integrity of voter data with the utmost seriousness and remains committed to transparency, institutional integrity, and the protection of voters’ personal information.”

INEC also revealed that the Department of State Services (DSS) had independently initiated its own investigation into the matter.

The commission pledged full cooperation with security agencies and warned that anyone found responsible would face appropriate legal consequences.

“The Commission will continue to cooperate fully with all relevant security agencies and will not hesitate to refer any person found culpable for appropriate legal action.”

INEC urged members of the public and the media to avoid speculation while investigations continue, assuring Nigerians that updates would be provided as more facts emerge.