COMELEC

BIGGEST DATA
BREACH IN THE
PHILIPPINES MARCH 27 2016

DATA BREACH
it is recorded as the biggest private data leak in the
Philippines containing the information about 55
million voters. Lulzsec Pilipinas, a black hat computer
hacking group with affiliations to Anonymous
Philippines, exposes the vulnerability in the
Commission on Elections’ website.

WHY DID IT HAPPENED?

(AnonymousPH) Exposure of the vulnerability of the
website. (LULZSec Pilipinas) Infiltration and Illegal
distribution of the voter's information.

340 GB DATA VULNERABLE

LulzSec Pilipinas posted an online link to what it claims
is the entire COMELEC database and updated the post
to include three mirror links to the database's
downloadable files index. LulzSec Pilipinas' leaked files
total 340 gigabytes.

EXTENT OF BREACH
The security firm Trend Micro found the breach as
"alarming" since it said that the data are easily
accessible to the public were in plain text. It also added
that 15.8 million record of fingerprints along with a list
of people who have run for office since the 2010
elections were found by the firm's investigation.

PERPETRATORS
The National Bureau of Investigation (NBI)
apprehended one of the suspected hackers, later
identified as Paul Biteng, the 20-year-old IT graduate
student, in his home in Sampaloc, Manila. and after 8
days Joenel de Asis - also a 23-year-old Computer
Science graduate, apprehended by NBI at his house in
Muntinlupa.

VULNERABILITY
According to Biteng, the hacking was intended to
expose or to show how vulnerable the COMELEC
website is. while De Asis admitted that he downloaded
the 340 gigabytes voters data and ASSURED that the
data leak will not affect the upcoming elections as they
did not hack the Vote Counting Machines (VCM)

COMELEAK

SOURCE: HTTPS://WWW. SPOT. PH/NEWSFEATURES/THE-LATEST-

NEWS-FEATURES/68952/10-THINGS-ABOUT-COMELEAK-
COMELEC-A1594-20170112-LFRM4