The group, called the Centurion Project, had made a publicly accessible database featuring the names and addresses of nearly three million Alberta voters.

The website was shut down last week, after Elections Alberta secured a court injunction.

Lawyers for the agency said it traced the database back to an official voter list that was legally provided to the pro-independence Republican Party of Alberta. 

How the list changed hands is under separate investigations by Elections Alberta and the RCMP. 

A spokesperson for Elections Alberta, Michelle Gurney, said Thursday that the Centurion Project identified 23 individuals who were given full copies of the voter list, while another 545 accessed it through the database when it was still active.

The group was ordered to provide the information as part of a court order.

Gurney said cease-and-desist letters have been sent to all those identified as accessing the information.

"The 23 people who were provided the list are required to provide a signed declaration they have complied with the direction," Gurney added.

"They have 48 hours to comply."

The Centurion Project has said its goal was to identify and recruit as many supporters of Alberta independence as possible ahead of an expected referendum this fall.

In a statement last week, a spokesperson for the group said it relied on an unnamed third party for the data and that it would comply with the ongoing investigations.

Gurney didn't provide names for those receiving cease-and-desist letters, but some in the separatist movement have shared on social media letters they received.

The letters, signed by chief electoral officer Gordon McClure, explain that the Centurion Project was not legally entitled to have the voter list, as such lists are only provided to political parties, party officials, legislature members and election candidates.

Opposition NDP Leader Naheed Nenshi told reporters he was happy to see progress in the investigation with the cease-and-desist letters but that he's still concerned the list ended up in the wrong hands.

"The thing I'm worried about is that the Centurion Project took the database down from the public, but they still have access to it," he said.

The data breach has raised safety concerns for many, including those seeking anonymity from abusive partners.

Police have said if people believe they're at risk of serious harm because their address was exposed, they should contact police.

The breach has also been the subject of a heated debate in the legislature.

The Opposition NDP revealed this week that a United Conservative Party caucus staffer attended a virtual meeting held by the Centurion Project two weeks before the issue came to light.

During the meeting, the NDP has said, the group's leader demonstrated how the website worked.

Smith has insisted the staffer had no reason to believe at the time that the database wasn't above board and that she didn't know about the voter list leak until she read media reports last week. 

Nenshi said Smith is either lying or needs to take responsibility for an "incompetent" caucus culture.

The NDP said it notified police about the breach the day after the April 16 meeting. Smith has said the NDP should have also told her government, even though the caucus staffer was in the meeting.

Smith's caucus tried to get legislature Speaker Ric McIver to formally sanction Nenshi over failing to inform the government, saying failure to do so put public officials at risk.

Nenshi said he acted responsibly and didn't trust Smith on the issue, given her prior ties to the founder of the Centurion Project.

McIver said he would issue a decision Monday.

This report by The Canadian Press was first published May 7, 2026.