What to do if your personal information is included in the leaked Comelec data
If you managed to check the website containing the leaked data from the Commission on Elections (Comelec) and found that your personal information is included, then you could face the risk of being targeted to further exposure like identity theft and unauthorized access to personal or financial accounts.
Based on the data that we saw, it is probable to gain access to your online accounts (Facebook, Twitter, etc.), banking accounts, credit card and other related online services.
So what do you do? Here are some tips for you to take in order to mitigate or minimize further exposure:
1. List down all your important online accounts starting with your FB all the way to your Paypal or banking accounts, credit card, postpaid account (Globe and Smart portal) and other services that you regularly use. Make a checklist and go through them one by one so it’s easier and you will not miss anything later.
2. Log in to those sites and immediately change your passwords, just to be sure. Most people would have a Facebook account so doublecheck the security settings of your account and hide personal information like your mobile number and similar data. Many people also use their emails (GMail, Yahoo) as primary access to other online accounts. Make sure the passwords are harder (alphanumeric, more than eight characters and use a special character) and enable SMS notification.
3. Look for the Security settings and modify your Challenge Questions. Normally, you would have your birthdate, mother’s maiden name and address as the usual challenge questions, all of which are available in the leaked data that is presumed to be from Comelec. Some banks like BDO use personal information when you request for a password reset. In our case, it’s the city where I was born and my mother’s maiden name.
4. Use two-factor authentication. This sends a PIN code to your mobile phone whenever there is a valid access to your account. A lot of sites already have this feature so check it and activate.
5. Call your credit card company and phone banking company and change some of your old information if these were among the data leaked from the Comelec database. While you can’t change your birthdate and mother’s maiden name, perhaps a change of address (to a parent’s address or office address) could minimize the risk.
On top of these, always be on the lookout for signs of activity especially in your financial accounts. In our case, we started with our bank accounts, then postpaid accounts with Globe and Smart (online portal) and then credit card accounts.
Aside from your online accounts there could also be other identity theft-related activities that can expose you. We’ve already heard of unscrupulous individuals scamming telecoms companies by opening postpaid accounts with free devices, people requesting a supplementary credit card account under your name without your approval, and incidents of people getting SSS loans under a stolen identity.
The Comelec has downplayed the risk of exposure of millions of voters as a result of the leaked data. The repercussions might be far more than what they’d like to admit but the risks are very real.
The least they could do is to swiftly mount a massive information dissemination among all those affected by the leaked data and coordinate with government agencies and financial institutions. Those personal data are already out there and there’s nothing we can do but be aware and take the necessary action to minimize potential risks and avoid further exposure.
- Latest
