COMELEC Hack Makes Voters Vulnerable

On March 27, 2016, the COMELEC website was defaced by Anonymous Philippines and then a second attack by LulzSec Pilipinas allowed them to leak the entire database of voter information online.

During registration, voters provide to COMELEC their full names, birth day, address, signature, picture and finger prints or their biometrics. These information are what your bank, phone company and credit card company use to verify you. Following the leak of the COMELEC database, malicious persons can theoretically pretend to be you.

An estimated 1.3 million overseas Filipino voters and 15.8 million fingerprint records are included in the leaked database. It is the biggest government related data breach in the world so far.

COMELEC stored the voter registration database without encryption so when the data breach happened, the leaked data is shown in plain text.

Voters should be vigilant in monitoring their bank, credit card and other financial and sensitive transactions. Any unusual activity should be reported to the bank or financial institution for review.