The Independent National Electoral Commission has commenced an investigation into allegations of unauthorised access to its Continuous Voter Registration database following the publication of information relating to a candidate in a recent political party primary election in the Federal Capital Territory.
In a statement issued on Tuesday, the National Commissioner and Chairman of the Information and Voter Education Committee, Mohammed Haruna, said the commission was treating the matter with utmost seriousness.
“The attention of the Independent National Electoral Commission has been drawn to allegations currently circulating on social media and in some sections of the media regarding the alleged unauthorised access to the Commission’s Continuous Voter Registration database and the subsequent publication of information on a candidate in the recent primaries of a political party in the Federal Capital Territory,” the statement read.
“The Commission takes this allegation seriously and has immediately commenced a thorough investigation to establish the facts surrounding the incident.”
INEC explained that as part of the ongoing nationwide CVR exercise, authorised registration officers were granted controlled access to specific components of the registration system to enable them to carry out voter registration, transfer requests and updates to voter records. Such access is strictly limited to official duties and is withdrawn once the exercise concludes.
Haruna disclosed that preliminary findings from the commission’s audit trail had helped identify the user account through which the information was accessed.
“The audit trail from the preliminary investigation has enabled the Commission to identify the user account through which the information was accessed. Accordingly, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation,” it said.
INEC stated that preliminary findings showed there was no external breach of its systems.
“Preliminary findings from the Commission’s audit trail so far indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorised external access to the Commission’s ICT infrastructure. Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority,” the statement added.
The commission stressed that the incident involved the retrieval of a specific voter record and did not suggest any compromise of the wider voter registration system or the personal information of more than 90 million registered voters.
“The incident under investigation relates to the retrieval of a specific voter record and does not indicate any compromise of the Commission’s broader voter registration infrastructure or the personal data of over 90 million registered voters,” the statement said.
INEC also revealed that the Department of State Services had independently commenced an investigation into the matter.
“Furthermore, the Department of State Services, on its own accord, has commenced an independent investigation into the matter. The Commission will continue to cooperate fully with all relevant security agencies and will not hesitate to refer any person found culpable for appropriate legal action,” the statement added.
The investigation follows an incident involving actor Emeka Ike, who contested the House of Representatives seat for the AMAC/Bwari Federal Constituency under the Nigerian Democratic Congress. Lere Olayinka, media aide to the Minister of the Federal Capital Territory, Nyesom Wike, had shared what appeared to be Ike’s voter information via an INEC administrative webpage, showing details including his Voter Identification Number, profile picture and application date. Ike has since described the action as shocking and the height of political rascality.
