The Independent National Electoral Commisson (INEC) and the Department of State Services (DSS) have commenced investigation into the unauthorised access to its Continuous Voter Registration (CVR) database, the commission said on Tuesday.
INEC was reacting to the controversies surrounding
the leaking the voter information of a Nollywood star, Emeke Ike by Lere Olayinka, the Senior Special Assistant to the Minister of the FCT, Nyesom Wike on Public Communications and Social Media, through an INEC administrative webpage, leading to what critics describe as security breach and compromise.
Ike lost in the primaries of the House of Representatives seat for the AMAC/Bwari Federal Constituency in the Federal Capital Territory, FCT, under the platform of the Nigerian Democratic Congress (NDC).
The Minister’s aide, on his X handle, wrote that Ike was formerly a registered voter in Imo State before transferring his registration to the FCT on May 15.
He attached two images to the post, which many believed contained details obtained from INEC’s administrative login portal.
Some of the personal information contained in the screenshots included Ike’s application number, registration centre, Voter Identification Number, profile picture, name and date of application.
The commission in a statement by its National Commissioner and Chairman of its Information and Voter Education Committee, Mohammed Haruna, said the audit trail from the preliminary investigation has enabled it to identify the user account through which the information was accessed, adding that accordingly, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation.
The statement reads, “The attention of INEC has been drawn to allegations currently circulating on social media and in some sections of the media regarding the alleged unauthorised access to the CVR database and the subsequent publication of information on a candidate in the recent primaries of a political party in the Federal Capital Territory.
“The commission takes this allegation seriously and has immediately commenced a thorough investigation to establish the facts surrounding the incident. As part of the ongoing CVR exercise nationwide, authorised INEC Registration Officers were granted controlled access to specific components of the CVR system to enable them register new applicants, process requests for transfer of registration and update voter records where necessary. Such access is restricted to official duties only and is withdrawn at the conclusion of the exercise.
“The audit trail from the preliminary investigation has enabled the commission to identify the user account through which the information was accessed. Accordingly, relevant personnel have been questioned, and all units connected with the incident are cooperating fully with the investigation.
“The commission is also examining all technical, administrative and operational factors associated with the matter in order to establish individual responsibility and determine the circumstances surrounding the use of those credentials and identify any breach of internal access-control protocols before taking appropriate action against anyone involved.
“Preliminary findings from the Commission’s audit trail so far, however, indicate that there was no external breach of the CVR database, no hacking incident, and no unauthorised external access to the Commission’s ICT infrastructure. Rather, the information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority.
“The incident under investigation relates to the retrieval of a specific voter record and does not indicate any compromise of the Commission’s broader voter registration infrastructure or the personal data of over 90 million registered voters.
“The commission wishes to state categorically that it takes the security, confidentiality and integrity of voter data with the utmost seriousness and remains committed to transparency, institutional integrity, and the protection of voters’ personal information.
“Furthermore, the DSS, on its own accord, has commenced an independent investigation into the matter. The commission will continue to cooperate fully with all relevant security agencies and will not hesitate to refer any person found culpable for appropriate legal action.
“Members of the public and the media are therefore urged to disregard unfounded speculations while investigations remain ongoing. The commission will continue to keep the public informed of its final findings and any measures taken in response to the incident in due course.”
Friday Olokor
