The Independent National Electoral Commission (INEC) has launched an investigation into an alleged misuse of authorized access credentials and unauthorized disclosure of information obtained from its Continuous Voter Registration (CVR) database.

The Commission said preliminary findings showed that there was no external breach of its database, no hacking incident, and no unauthorized access to its Information and Communication Technology (ICT) infrastructure.

INEC disclosed this in a statement issued on Tuesday by its National Commissioner and Chairman of the Information and Voter Education Committee, Mohammed Kudu Haruna.

The investigation follows the circulation of information relating to a candidate in the recent primary election of a political party in the Federal Capital Territory (FCT), which sparked controversy on social media and in sections of the media.

The information was specifically posted on the Facebook account of the spokesperson to Nyesome Wike, the FCT Minister, Lere Olayinka.

According to the Commission, the information was accessed through valid user credentials assigned to personnel involved in the ongoing nationwide Continuous Voter Registration exercise but was released without authorization.

"The audit trail from the preliminary investigation has enabled the Commission to identify the user account through which the information was accessed," the statement said.

INEC added that relevant personnel had been questioned and that all units connected to the incident were cooperating with investigators.

The Commission explained that Registration Officers participating in the CVR exercise were granted controlled access to specific components of the voter registration system strictly for official duties, including the registration of new voters, transfer requests and updates of voter records.

It noted that investigations were ongoing to determine individual responsibility, examine possible breaches of internal access-control protocols and establish the circumstances surrounding the use of the credentials involved.

INEC emphasized that the incident under investigation was limited to the retrieval of a specific voter record and did not amount to a compromise of the broader voter registration infrastructure or the personal data of more than 90 million registered voters.

"The information in question was accessed through valid user credentials assigned to personnel participating in the ongoing CVR exercise but released without authority," the Commission stated.

INEC reiterated its commitment to protecting the security, confidentiality and integrity of voter data, assuring Nigerians that it would take appropriate action against anyone found culpable.

The Commission further revealed that the Department of State Services (DSS) had independently commenced an investigation into the matter and pledged full cooperation with security agencies.

It urged members of the public and the media to refrain from speculation while investigations continue, assuring that its final findings and any consequential actions would be made public in due course.