INEC Investigates Alleged Misuse of CVR Database Access

By Enitan Abdultawab

The Independent National Electoral Commission (INEC) has opened an investigation into claims that its Continuous Voter Registration (CVR) database was accessed without authorization and that information about a candidate in a recent political party primary in the Federal Capital Territory (FCT) was disclosed.

In a statement released on Tuesday on its official X page, the commission said it had become aware of reports on social media and in parts of the press alleging that data had been improperly retrieved from its voter registration system.

INEC said it has begun a thorough probe to establish the facts surrounding the incident and to determine whether any of its internal protocols were breached.

The commission explained that registration officers who are part of the nationwide CVR exercise were given controlled access to specific sections of the system so they could register new voters, process transfers and update records. It added that such access is strictly limited to official duties and is withdrawn once the exercise ends.

INEC disclosed that preliminary audit trail findings have already identified the user account that was used to access the information.

“Relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation,” the commission said.

The electoral body added that it is examining all technical, administrative and operational aspects of the matter to determine individual responsibility and to establish whether there was any breach of its internal access‑control procedures.

However, INEC stressed that its preliminary investigation found no evidence of an external cyberattack or compromise of its systems.

“Preliminary findings from the Commission’s audit trail so far indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorised external access to the Commission’s ICT infrastructure,” the statement said.

According to the commission, the information in question was accessed using valid credentials assigned to personnel involved in the ongoing voter registration exercise but was released without authorization.

INEC further clarified that the incident involved the retrieval of a specific voter record and does not suggest any compromise of its wider voter registration infrastructure or the personal data of more than 90 million registered voters nationwide.

Reaffirming its commitment to protecting voter information, the commission said it treats the security, confidentiality and integrity of voter data with utmost seriousness.

The commission also revealed that the Department of State Services (DSS) has independently begun its own investigation into the matter.

INEC pledged full cooperation with security agencies and vowed to take appropriate legal action against anyone found responsible for any wrongdoing.

The electoral body urged the public and the media to avoid speculation while investigations continue, assuring Nigerians that its final findings will be made public in due course.

The post INEC probes alleged misuse of CVR database access appeared first on Vanguard News.