The Independent National Electoral Commission (INEC) has commenced a comprehensive investigation into allegations surrounding the unauthorized access and disclosure of information obtained from its Continuous Voter Registration (CVR) database, following widespread reports circulating on social media and various media platforms.
The controversy emerged after claims surfaced that information relating to a candidate who participated in a recent political party primary election in the Federal Capital Territory (FCT) was improperly accessed and subsequently made public. The incident has sparked public concern about the security of voter information and the integrity of the Commission’s data management systems.
In a statement issued on June 2, 2026, INEC acknowledged the allegations and assured Nigerians that it was treating the matter with the utmost seriousness. The electoral body emphasized that protecting voter information remains one of its highest priorities and pledged to thoroughly investigate the circumstances surrounding the incident.
The statement, signed by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC), explained that the Commission had already initiated an extensive review aimed at determining exactly how the information was accessed and released.
According to INEC, the ongoing investigation seeks to establish the facts, identify any individuals involved, and determine whether there was any violation of the Commission’s internal procedures and data protection protocols.
“The attention of the Independent National Electoral Commission has been drawn to allegations currently circulating on social media and in some sections of the media regarding the alleged unauthorized access to the Commission’s Continuous Voter Registration database and the subsequent publication of information relating to a candidate in a recent political party primary election in the Federal Capital Territory,” the statement said.
“The Commission takes these allegations seriously and has immediately commenced a thorough investigation to establish the facts surrounding the incident.”
INEC explained that, as part of the nationwide Continuous Voter Registration exercise, selected registration officers are granted limited and controlled access to specific sections of the CVR system to enable them carry out their official responsibilities.
These responsibilities include registering new voters, processing requests for transfers of voter registration, correcting records, and updating voter information where necessary.
The Commission stressed that such access is carefully regulated and strictly limited to official duties. It further clarified that the permissions granted to registration officers are temporary and withdrawn once the registration exercise concludes.
According to INEC, preliminary findings from its internal audit system have already helped investigators trace the source of the access used in retrieving the information at the center of the controversy.
The Commission disclosed that its audit trail successfully identified the specific user account through which the data was accessed.
As a result, relevant personnel connected to the account have already been questioned as part of the ongoing investigation.
“The audit trail from the preliminary investigation has enabled the Commission to identify the user account through which the information was accessed. Accordingly, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation,” the statement explained.
INEC noted that investigators are not limiting their examination to the individual user account alone. The Commission said it is also scrutinizing broader technical, administrative, and operational factors that may have contributed to the incident.
Officials are reviewing all relevant processes to determine whether established access-control procedures were violated and whether any weaknesses exist within existing internal safeguards.
The electoral body emphasized that appropriate disciplinary and legal actions would be taken against anyone found responsible for misconduct.
“We are examining all technical, administrative and operational factors associated with the matter in order to establish individual responsibility and determine the circumstances surrounding the use of those credentials, as well as identify any breach of internal access-control protocols before taking appropriate action against anyone involved,” the Commission stated.
Importantly, INEC moved to reassure Nigerians that the incident does not appear to be the result of an external cyberattack or hacking operation.
According to preliminary findings, investigators have found no evidence suggesting that the Commission’s broader information technology infrastructure was compromised.
The Commission categorically stated that there was no breach of its database by outside actors and no unauthorized external access to its systems.
Instead, initial investigations suggest that the information was accessed through valid credentials assigned to personnel involved in the ongoing voter registration exercise.
However, the information was allegedly disclosed without proper authorization.
“Preliminary findings from the Commission’s audit trail indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorized external access to the Commission’s ICT infrastructure,” INEC said.
“Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority.”
The Commission also sought to calm fears about the security of voter information nationwide.
INEC stressed that the incident under investigation involved the retrieval of a specific voter record and did not constitute a compromise of the entire voter registration system.
The Commission pointed out that Nigeria’s voter register contains records of more than 90 million registered voters and that there is currently no evidence suggesting that the personal information of voters has been exposed or endangered.
“The incident under investigation relates to the retrieval of a specific voter record and does not indicate any compromise of the Commission’s broader voter registration infrastructure or the personal data of over 90 million registered voters,” the statement added.
INEC reiterated its commitment to protecting the confidentiality, integrity, and security of voter data.
The Commission said maintaining public trust in the electoral process remains central to its mandate and assured citizens that it would continue to operate transparently throughout the investigation.
Furthermore, INEC disclosed that the Department of State Services (DSS) has independently commenced its own investigation into the matter.
According to the Commission, the DSS initiated its inquiry separately and is working to determine whether any criminal conduct may have occurred.
INEC pledged full cooperation with the security agency and other relevant authorities.
The Commission also warned that any individual found culpable after the investigations would face appropriate legal consequences.
“The Department of State Services, on its own accord, has commenced an independent investigation into the matter. The Commission will continue to cooperate fully with all relevant security agencies and will not hesitate to refer any person found culpable for appropriate legal action,” the statement said.
INEC appealed to Nigerians, political stakeholders, and media organizations to exercise patience and avoid spreading speculation while the investigation remains ongoing.
The Commission urged members of the public to rely on official updates and refrain from drawing premature conclusions.
It assured citizens that the findings of the investigation would be made public upon completion and that any corrective measures deemed necessary would be implemented.
The electoral body concluded by reaffirming its commitment to institutional integrity, accountability, transparency, and the protection of voter information, promising to keep Nigerians informed as developments unfold.
The statement was signed by Mohammed Kudu Haruna, National Commissioner and Chairman of the Information and Voter Education Committee (IVEC), on June 2, 2026.
