Comelec vows voters' data breach won't happen again
MANILA, Philippines – Less than a year before the 2019 elections, the Commission on Elections (Comelec) gave assurances there would be not be a repeat of the voters’ data breach in 2016.
Responding to the question of Senator Antonio Trillanes IV, Comelec Executive Director Jose Tolentino Jr said the poll body now has tighter security than two years ago, citing the help of the Department of Information and Communications Technology (DICT).
“We are now being hosted by the DICT, unlike before when we just hosted our own website, and I think Undersecretary [Eliseo] Rio will be proud to say no one has been able to get into their system,” Tolentino said on Monday, August 6, during the joint congressional oversight committee hearing on the automated election system (JCOC-AES).
“Aside from that, we have backup of database…and it’s separate, it’s not connected to any website,” he added.
Tolentino reiterated the agency’s claim that information leaked in 2016 did not contain biometrics data, such as photos, signatures, and fingerprints. He said the hacking involved data from the Find My Precinct feature but said the DICT had reviewed it.
“So we’re good? We’re protected and we can respond accordingly in case of future attacks?” Trillanes asked.
“Yes sir,” Tolentino replied.
Tolentino maintained the leak did not affect the results of the 2016 elections “because the [compromised] website is not connected in any way to our automated system.”
On March 28, 2016 – or more than a month before the presidential polls – a group calling itself LulzSec Pilipinas accessed the data of the poll body's website and posted them publicly.
The National Privacy Commission earlier found former Comelec chairman Andres Bautista criminally liable for the incident.
The data leak involved:
75,302,683 voters' registration records (including deactivated or disapproved records) in the Comelec's Precinct Finder web application
- 1,376,067 records in its Post Finder web application
- 139,301 records in its iRehistro portal
- 896,992 records in its gun ban database
- 20,485 records of firearms serial numbers
- records of 1,267 Comelec personnel
The privacy body said Bautista's "willful and intentional disregard of his duties as head of agency, which he should know or ought to know, is tantamount to gross negligence." – Rappler.com