^

Headlines

Hackers release info on Philippine voters online

Janvic Mateo - The Philippine Star
April 21, 2016 | 10:00am

MANILA, Philippines - Personal details of voters have been publicly released online, raising alarm among netizens yesterday over the implications of the database hack that the Commission on Elections (Comelec) earlier downplayed.

An Internet security firm has described the March 27 hacking and defacement of the poll body’s website as potentially the world’s biggest government-related data breach, but officials said they have yet to verify if the released information had come from the Comelec database.

A user-friendly website, http://wehaveyourdata.com, allows Internet users to search for the personal information of registered Filipino voters.

Among the information released were full names, birth dates, addresses, registration details and voter identification numbers.

Other voter details posted include the persons’ height and weight, passport details, and – in some cases – even biometric information such as fingerprint info and topography.

Unlike the Comelec website that enables voters to find their precincts by entering their full name and birthday, the site allows users to search for personal information of anyone with just the first name.

In such cases, users will find a list of names containing the one that they searched for, accompanied by birth dates and an option to see the full information.

“As you know (or don’t know), recently LulzSec Pilipinas have hacked comelec.ph. They have dumped the database of about 70 million of Philippines voters and have published all the data at archive.org,” said the owners of the page.

“The database contains a lot of sensitive information, including fingerprint data and passport information. So, we thought that it would be fun to make a search engine over that data,” it added.

While the data have been publicly available since the hack on March 27, owners of the site noted that they have made it available for everyone with Internet access.

“It’s one thing to hear news about a huge data leak and another to see your data in a public website. Maybe, at least now, government will start thinking about security of citizens’ personal data,” they said.

Comelec spokesman James Jimenez earlier downplayed the database hack, saying these were public information anyway.

But a security software company already warned of the implications of the database leak.

Security software company Trend Micro said cybercriminals can use the information gathered from the data breach to perform acts of extortion.

It noted that in previous instances, stolen data were used to access bank accounts and gather further information about specific persons.

The security firm alleged that the data leaked following the hacking of the Comelec website included sensitive personal identifiable information that puts every registered voter susceptible to fraud.

“Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible for everyone,” said the security firm.

“Interestingly, we also found a whopping 15.8 million record of fingerprints and list of people running for office since the 2010 elections,” it added.

Who was negligent?

In an ambush interview yesterday, Comelec Commissioner Rowena Guanzon said those responsible for the hacked website of the poll body may be held accountable. 

“I don’t know if heads should roll but I think that we have called the director of the ITD (information and technology department) to explain why this happened and what do they intend to do to make our websites more secure,” she said. “If there is gross neglect, that is a ground under the civil service rule.”

Guanzon added that the Comelec should learn from its mistakes to prevent the incident from happening again. 

Jimenez said they are still verifying the accuracy of the data that the hackers claimed to have copied.  

Webhosting service

Yesterday, the Department of Science and Technology-Information and Communications Technology Office (DOST-ICTO) confirmed that the Comelec will be migrating to their webhosting services provided under their flagship Integrated Government Philippines (iGovPhil) project.

But engineer Denis Villorente, DOST-ICTO deputy director general for e-government and concurrent director of the DOST’s Advanced Science and Technology Institute (ASTI), said the migration has yet to be done.

The DOST-ICTO said the Comelec website was webhosted by a private company.

DOST-ASTI has been particularly tasked to implement Administrative Order 39 issued by Malacañang mandating government agencies to migrate to the Government Web Hosting Service (GWHS) and set the Unified Web Content Policy (UWCP) that will give all government websites a common look and feel.

Government websites hosted under the GWHS have not had any successful defacements.

Warning vs Comelec, Smartmatic

In a related development, uniformed masked men warned Comelec and Smartmatic officials of dire consequences if they will allow the rigging of the May 9 polls.

“We declare a state of war against those who are out to trample upon the people’s right to vote through the sacred ballot. We are ready to kill and be killed for the Filipino people,” one of around 15 men holding assault rifles and the Philippine flag said in a video released yesterday on Facebook.

The group cited in particular Comelec Chairman Andres Bautista and the poll body’s commissioners, as well as Smartmatic officials.

Sought for comment, Col. Noel Detoyato, public affairs office chief of the Armed Forces of the Philippines, said they will have to determine the authenticity of the video because the armed men may just be using the military uniform to hide their real identities.

Election watchdog Kontra Daya yesterday said the breach on the Comelec’s data system has serious implications not just on the security and privacy of registered voters, but also on the integrity of the elections.

“When we register as voters, personal information we hold private become part of the Comelec data system. We voluntarily submit these information with an implicit assurance from Comelec that these will be kept private and not be published publicly on the Internet,” Rick Bahague, Kontra Daya convenor, said.

Bahague said another grave implication of the Comelec data leak is that the exposed voter information can be used as an added tool to commit electoral fraud. – With Sheila Crisostomo, Rhodina Villanueva, Jaime Laude, Rainier Allan Ronda

vuukle comment
Philstar
x
  • Latest
  • Trending
Trending
Latest
Trending
abtest
abtest
'Paurong mag-isip': MMDA's proposal to remove EDSA bike lanes draws flak
play

'Paurong mag-isip': MMDA's proposal to remove EDSA bike lanes draws flak

By James Relativo | 2 days ago
Mobility advocates scored the Metropolitan Manila Development Authority after proposing the removal of bicycle lanes on EDSA...
Headlines
fbtw
Former senator Rene Saguisag dies

Former senator Rene Saguisag dies

By Ian Laqui | 2 days ago
Following the EDSA Revolution in 1986, Saguisag became the spokesperson of former President Corazon Aquino.
Headlines
fbtw
Marcos wants online child sex abuse stopped

Marcos wants online child sex abuse stopped

By Alexis Romero | 1 day ago
President Marcos wants the elimination of online sexual abuse and exploitation of children to be his legacy as he regards...
Headlines
fbtw
DOJ, PNP warn vs cooperation with ICC

DOJ, PNP warn vs cooperation with ICC

By Alexis Romero | 1 day ago
Government officials found acting in defiance of the Marcos administration’s stance against allowing International Criminal...
Headlines
fbtw
Transfer of Quiboloy sex case to Pasig court sought

Transfer of Quiboloy sex case to Pasig court sought

By Daphne Galvez | 1 day ago
The Department of Justice is seeking the transfer to Pasig City of the sexual and child abuse complaints lodged against Kingdom...
Headlines
fbtw
Latest
abtest
DILG: Crime rate lower under President Marcos compared to Duterte

DILG: Crime rate lower under President Marcos compared to Duterte

By Helen Flores | 34 minutes ago
The Philippine National Police (PNP) has recorded a lower crime rate during the first 21 months of the Marcos administration...
Headlines
fbtw

Philippines remains out of US IPR watch list

By Louella Desiderio | 34 minutes ago
The Philippines was kept out of the US government’s list of countries with issues on intellectual property rights (IPR) enforcement for the 11th straight year.
Headlines
fbtw
P15.5 billion calamity fund ready for El Niño

P15.5 billion calamity fund ready for El Niño

By Louise Maureen Simeon | 34 minutes ago
Government agencies can still tap over P15 billion in disaster funds to mitigate the impacts of El Niño, the Department...
Headlines
fbtw
Fish catch down since Balikatan – group

Fish catch down since Balikatan – group

By Bella Cariaso | 34 minutes ago
Fish catch around Panatag (Scarborough) Shoal has decreased since the start of the Balikatan exercises, which may have prompted...
Headlines
fbtw
PNP revokes Quiboloy’s firearms licenses

PNP revokes Quiboloy’s firearms licenses

By Emmanuel Tupas | 34 minutes ago
Fugitive preacher Apollo Quiboloy must surrender his guns, after the Philippine National Police (PNP) yesterday revoked his...
Headlines
fbtw
Recommended
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

Get Updated:

Signup for the News Round now

FORGOT PASSWORD?
SIGN IN
or sign in with