Chidinma Iroegbu
The Independent National Electoral Commission (INEC) has ruled out external hacking of its Continuous Voter Registration (CVR) database following allegations of unauthorised access to voter information linked to a political party primary in the Federal Capital Territory (FCT).
INEC said preliminary investigations showed that its information and communications technology infrastructure was not compromised by cyber attackers or external actors.
The commission disclosed that the voter information was accessed through legitimate user credentials assigned to officials participating in the ongoing nationwide CVR exercise.
According to INEC, the retrieved information was later disclosed without approval, prompting a detailed internal investigation into possible abuse of authorised access.
The electoral body stated that registration officers were granted limited access to sections of the CVR platform strictly for official activities, including voter registration, transfer requests and record updates.
INEC explained that such access is temporary and usually withdrawn immediately after the completion of the registration exercise.
The commission said its audit tracking system successfully identified the specific user account through which the voter record was accessed.
It added that officials connected to the incident had already been interrogated while investigations continue into possible violations of internal data protection protocols.
INEC stressed that the incident involved only a specific voter record and did not affect the database containing information of more than 90 million registered voters nationwide.
The commission reaffirmed its commitment to voter data protection and electoral integrity, adding that the Department of State Services (DSS) had commenced a separate probe while legal action would be taken against anyone found culpable.