Can elections be at risk due to Comelec website hacking?

MANILA, Philippines - On Thursday, April 21, website “Philippines, we have your data” claiming to contain sensitive information about voters has emerged online. The said website reportedly contains data such as voter’s first and last name, personal address, birthdate, passport details, precinct and other information.

Can elections be at risk due to Comelec website hacking?

Commission on Elections (Comelec) spokesperson James Jimenez apologized for the hacking of the website which led to the biggest leak of personal data in Philippine history. However, they are yet to confirm if the leaked data came from LulzSec Philippines, which hacked and defaced the website on March 27.

Hackers leaked sensitive data of 70 million Filipino voters.
Hackers leaked sensitive data of 70 million Filipino voters. PHOTO CREDIT: Sunstar.com.ph
“I apologize for this continuing attack on your privacy and assure the public that the Comelec is doing everything we can resolve this matter at the soonest possible time,” Jimenez said in a statement.

Jimenez added that the poll body is yet to verify the posted information online with the help of the National Bureau of Investigation (NBI) CyberCrimes Division. Moreover, he also warned the public not to use the hacker website as it can be used by hackers to get further information.

“We also cannot rule out at this stage that this may be an attempt by the hackers to monetize the data they claim to have,” Jimenez added.


According to Digital Forensics principal consultant Drexx Laggui, the new website has massive implications.

“So many different organization, good and evil intent, want that database. Worst case scenario, people can be mapped out, bribed or intimidated… Or scared to not vote anymore if a region is not favorable to an org,” Laggui explained.

The electoral process, according to Laggui, may also be compromised if Comelec officials will be prosecuted for violations of Data Privacy Act. In this case, they will not be able to administer their functions.

The 23-year-old Information Technology (IT) graduate who allegedly hacked the website last month was arrested by NBI agents on Wednesday, April 20.

Paul Biteng, the alleged hacker of Comelec website.
Paul Biteng, the alleged hacker of Comelec website.
Known as PhantomHacker Khalifa in the hackers community, the suspect identified as Paul Biteng claimed he had not intention to harm and had been hacking websites for years in order to “practice.” Aside from the Comelec website, he had also taken down other government websites like Pagasa, the Civil Service as well as the Dipolog City government.

Biteng, who is also an alleged member of the hacking group Anonymous Philippines, asked for a selfie with NBI Director Virgilio Mendez. The suspect is currently facing charges for violating the anti-cybercrime law.

Yugatech.com advises the public to change passwords and security questions of online accounts if their personal information was included in the leak.

--Mini, The Summit Express



Previous Post Next Post