Manila, Philippines — The COMELEC Mega-leak appears to be one of the biggest cybercrimes ever to hit Philippine government security, with potentially up to 55 million Filipino voters affected.
On the evening of Sunday, March 27, the website of the COMELEC (Commission on Elections) was defaced by a hacker group known as Anonymous Philippines. Days later, a second hacker group, LulzSec Pilipinas, exposed COMELEC’s entire database online, putting half of the Filipino population at risk.
“A great lol to Commission on Elections, here’s your whoooooole database,” the group’s Facebook post read. “Update: Added 3rd db mirrors.”
Despite these hacks, the COMELEC tried to convince the public that it can still protect the votes in the country’s upcoming 3rd automated elections.
“I want to emphasize that the database in our website is accessible to the public,” Comelec spokesperson James Jimenez told the Philippine Daily Inquirer. “There is no sensitive information there. We will be using a different website for the election, especially for results reporting and that one we are protecting very well,” he added.
The commission’s immediate response seemed to show that it was unaffected by these hacks at that time.
James Jimenez of COMELEC also tweeted:
the COMELEC website has been back up since app 3:15 AM. However, as we continue to scour the site, all databases remain temporarily off.
— James Jimenez (@jabjimenez) March 28, 2016
What’s included in the Mega-leak
As initially reported by the security software company Trend Micro on its blog on April 6, a massive amount of personally identifiable information (PII), including passport information and fingerprint data, appears to be included in the leak.
With 55 million registered Filipino voters affected by the Mega-leak, according to Trend Micro, this may turn out to be “one of the biggest government-related data breaches in history, surpassing the Office of Personnel Management (OPM) hack last 2015 that leaked PII, including fingerprints and social security numbers (SSN) of 20 million US citizens.”
Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible for everyone. Interestingly, we also found a whopping 15.8 million records of fingerprints and a list of people running for office since the 2010 elections.
Earlier, a similar Mega-leak also happened in Turkey when the Anonymous hacktivist group exposed a Turkish citizenship database which could affect nearly 50 million Turks.
Mega-leak available online as a searchable website
More recently, another security software developer, Malwarebytes, reported on its blog on April 21 about a searchable website, claimed by the hacker group LulzSec Pilipinas, which holds the leaked information and allows anybody to access what constitutes “sensitive information”.
The website declares:
“What is this all about? As you know (or don’t know), recently LulzSec Pilipinas has hacked comelec.ph. They have dumped the database of about 70 million of Philippines voters and have published all the data at archive.org. The database contains a lot of sensitive information, including fingerprint data and passport information. So, we thought that it would be fun to make a search engine over that data. Why are we doing this? For lulz. Hackers just hack and download data from websites but we make it accessible for anyone. It’s one thing to hear news about a huge data leak and another to see your data in a public website. Maybe, at least now, the government will start thinking about the security of citizens’ personal data.”
The website has only three fields and a search button, and the fields come pre-filled with the name of the current President of the Philippines.
It also states:
“ATTENTION: there is no any passport information, no documents, etc. There is just personal data from the previously leaked by LulzSecPinas Comelec database. We have no responsibility and don’t give any warranty of leaked data’s accuracy – we have just extracted it from the dump.”
Meanwhile, Democracy.Net.PH, a group that supports Internet Freedom, posted on Facebook a list of tips and security measures for dealing with the potential effects of cyberattacks, for all affected registered voters who need help.
Government underinvestment in security infrastructure
According to an interview with Chris Boyd, a senior malware intelligence analyst at Malwarebytes who has lived and worked in the Philippines, the hack and subsequent breach are products of a politically charged local hacking scene as well as widespread security flaws in the country’s infrastructure.
“There are a lot of talented hacking groups in the Philippines, and it’s no surprise that a hack like this has happened. Whether in hospitals, airports, or shopping malls, every terminal you see there is running a Windows XP,” Boyd told El Reg. “Additionally, most conversations at hacking events in the country tend to turn political, with many attendees frustrated with what they feel is an underinvestment in the nation’s security infrastructure.”
So what now?
The motives of these hackers are still unknown. Could this affect the upcoming elections? What help can we now ask of the government on this matter?
My personal note
As a concerned Filipino citizen, I think we should be proactive and educate ourselves on this issue to prepare for its potential threats to our personal security.
Quote from https://www.linkedin.com/pulse/information-security-awareness-securing-human-olufon-muyiwa
Update: As of this writing, the hackers’ website, LulzSec Pilipinas, seems to have been taken down and is not accessible at the moment.