Comelec denies hacking, shows loopholes in Manila Bulletin report

Dwight de Leon
(1st UPDATE) 'Fake news,' says Commission on Elections Commissioner Rowena Guanzon

The Commission on Elections (Comelec) on Wednesday, January 12, refuted a report by the Manila Bulletin that hackers allegedly breached the poll body’s servers and stole sensitive data related to the 2022 polls.

The Bulletin’s tech editor, Art Samaniego, stood by their eight-paragraph story dated January 10, and told ANC it was based on screenshots and a 44-page PDF file, among other things. Their methodology in verifying the screenshots remained unclear.

“As far as the Comelec is concerned, we are confident we were not hacked,” Comelec spokesperson James Jimenez told reporters on Wednesday, January 12. “We see no evidence of any sort of breach, but we are working hard to validate these allegations.”

Comelec Chairman Sheriff Abas also appeared in a CNN interview earlier on Wednesday to dispel the hacking claims, while Commissioner Rowena Guanzon took to Twitter to say the Bulletin report was “fake news.”

Jimenez pointed out loopholes in the Bulletin report, which claimed that hackers downloaded from Comelec servers some 60 gigabytes’ worth of data, including usernames and PINs of vote-counting machines, and locations of clustered precincts, among other things.

“[The report mentioned] clustered precincts. But the clustered precincts [referred to] are not from 2019 or 2022,” Jimenez said in a mix of English and Filipino. “Our key information is offline, things like information about list of voters. These are not available online, so how can that be hacked?”

The poll body also previously said that the PINs and passwords of VCMs couldn’t have been stolen because they were not yet in the system.

‘The screenshots are complete’

In an interview with SMNI on Tuesday, January 11, Samaniego said the information came from white hat hackers who just wanted to expose the vulnerabilities of the Comelec servers.

“For us, this happened. We verified it. The screenshots are complete,” he said in Filipino.

In another interview with ANC on Wednesday morning, Rundown anchor Mike Navallo asked Samaniego, “You mentioned there were screenshots. What steps did you take to verify these?”

Samaniego did not explain their process to verify these screenshots, except that they asked the Comelec about these and did not get a response.

To answer Navallo’s question, Samaniego emphasized in a mix of English and Filipino: “There were screenshots. These are really sensitive information, because these were screenshots of an active directory. Active directory means the person who has that access has the full access of the system.”

Samaniego then appeared to blame the Comelec for not getting back to him with a denial after tipping the poll body about the information he received.

“That’s why I told them, ‘We sent that to you to tell us that it’s not true so we can publish, but we did not receive any reply from you,’” Samaniego said.

But Jimenez asserted it is wrong to say that the Comelec reacted to the Bulletin’s information only after the story was published.

“We’re taking it through the proper channels. Because the information was very sus (suspicious) from the very beginning, hindi naman puwedeng basta-bastang dambahan iyong information nila (it’s not right that we just accept their information hook, line, and sinker),” he said.

Samaniego noted the article was published upon the decision of the Bulletin’s editorial team, not the Technews team, which he leads.

Lessons from 2016

Two months before the 2016 elections, the poll body also grappled with a major hacking incident, with hackers leaking a voter records database online.

The scandal, now known as “Comeleak,” is considered the biggest leak of personal data in Philippine history, and among the biggest breaches of a government-held database in the world. 

Jimenez, reflecting on the brouhaha from 2016, assured the public the Comelec has learned its lesson.

“We have confidence in the security of our systems and in the procedures we have undertaken since 2016 to ensure that our data cannot be unlawfully accessed,” Jimenez said. “It’s important for the Comelec to address it squarely, to really face it, and to show to everyone our systems are secure.”

The National Privacy Commission on Wednesday ordered the Comelec, Bulletin, and Samaniego to appear at an online meeting on January 25 to discuss the alleged data breach.

Meanwhile, Comelec asked the National Bureau of Investigation (NBI) to also do a parallel probe, Justice Secretary Menardo Guevarra told reporters on Saturday, January 15. Guevarra said the NBI conducted a physical security inspection of Comelec facilities in Laguna on Saturday. “A thorough investigation is now in progress,” said Guevarra. – Rappler.com

Dwight de Leon is a multimedia reporter who covers local government units and the Commission on Elections for Rappler.