The Independent National Electoral Commission (INEC) has confirmed that internal personnel accessed and released confidential voter registration data, triggering nationwide outrage over data privacy, institutional trust, and electoral integrity in Nigeria.
INEC Confirms Internal Breach
In a press statement issued on 2 June 2026 by National Commissioner and Chairman of Information and Voter Education Committee, Mohammed Kudu Haruna, the Commission confirmed that the incident was not caused by an external cyberattack. Instead, preliminary investigations showed that valid staff credentials assigned for official Continuous Voter Registration (CVR) duties were used to access voter data, which was then allegedly disclosed without authorisation.
INEC stressed that the breach did not involve hacking or external infiltration of its ICT systems, and that the core voter database containing records of over 90 million Nigerians remains secure. However, it admitted that a specific voter record was accessed and shared outside approved channels, raising concerns about internal control failures.
Audit Trail and Investigations
According to the Commission, an audit trail has already identified the user account involved, while affected personnel have been questioned. It added that disciplinary and legal actions will follow once investigations are concluded, in collaboration with security agencies including the Department of State Services (DSS), which has also launched an independent probe.
Public Outrage and Criticism
Despite the reassurances, the revelation has triggered widespread public anger, particularly on social media, where Nigerians questioned the credibility of INEC’s data protection systems ahead of future elections. One user wrote: “Bro, you wrote an entire press release to say: ‘Yes, someone used official credentials to pull a candidate’s full voter record and splash it online… but relax, it wasn’t a hack.’”
Another reaction read: “All these are incompetent saving of face. AMUPITAN MUST RESIGN.”
Cybersecurity Concerns
Concerns also extended to cybersecurity practices within the electoral body. A tech analyst commented that INEC’s systems appeared to lack proper safeguards such as “breakglass access controls,” arguing that sensitive production data should require dual approval before access is granted. The analyst further suggested that the Commission’s digital infrastructure should be reviewed by globally recognised firms.
Impact on Trust
Meanwhile, another commenter warned that the incident could significantly damage public trust, stating that if no clear accountability is enforced, Nigerians may lose confidence in the electoral system ahead of future elections. The controversy has also reignited debate over voter data protection, with critics describing the incident as a form of digital privacy violation. Some argued that exposing personal voter records without consent amounts to cyberstalking and called for immediate corrective actions, including reissuing affected voter identification details.
INEC’s Response
INEC, however, has urged the public to avoid speculation while investigations continue, insisting that it remains committed to safeguarding electoral data and maintaining institutional integrity. The Commission also reaffirmed its readiness to cooperate fully with security agencies and promised to make its findings public once investigations are completed.
For many Nigerians, however, the incident has deepened concerns about how secure the country’s electoral data truly is—and whether internal systems can be trusted ahead of future polls.
