Personal information of millions of Filipino voters – including addresses and biometric data – were released in a website on Thursday (April 21), raising concerns among netizens on their privacy and security.
Hackers who broke into the Commission on Elections (Comelec) website have uploaded the huge collection of personal data into a website, wehaveyourdata.com. The site however is down as of this writing (April 22 12 p.m.).
“As you know (or don’t know), recently LulzSec Pilipinas have hacked comelec.ph. They have dumped the database of about 70 million of Philippines voters and have published all the data at archive.org,” the website said.
Users can stalk a registered voter by just typing his or her full name. The search result shows the voter’s birthdate, address, and in some cases, even biometric information and names of parents.
To make things worse, the huge personal data on Filipino voters, around 70 gigabytes, was also made downloadable via a torrent link.
Netizen @jesterinexile sounded the alarm over the government’s apparent seeding of the data leak, which makes the voter’s personal information data even more accessible to anyone.
Hackers under LulzSec Pilipinas breached the Comelec website last March 27 with little media attention at the onset. Internet securty firm Trend Micro said the data leak “may turn out as the biggest government related data breach in history.”
But the Comelec downplayed the data breach, saying the poll body’s website is separate from the site where election results will be uploaded and the system running the vote-counting machines (VCMs).
Poll watchdog Kontra Daya said has serious implications “not just for the security and privacy of registered voters, but also for the integrity of the elections.”
“As the COMELEC continues to downplay the impacts of the data breach, we also need to ask if the Election Management System (EMS), a component of the Automated Election System, is not similarly compromised,” Kontra Daya said.
The group said EMS is responsible for ballot template generation, SD card configuration, results generation and other tasks.
Bank and IT experts said Filipinos can minimize the risks arising from the data breach by renewing identity cards, passports and licenses.