Website leaks Philippine voter data

This is AI generated summarization, which may have errors. For context, always refer to the full article.

Website leaks Philippine voter data
(UPDATED) Website: 'We thought that it would be fun to make a search engine' of Philippine voter information

MANILA, Philippines (UPDATED) – The Comelec data breach has reached an entirely new level, with a new site being put up that lets anyone search for any names listed in the database leaked by the group known as Lulzsec Pilipinas.

The site, named “Philippines, we have your data,” spread on social media Thursday, April 21.

The site allows anyone to input a first name and last name to index a list of possible matches from the Comelec database, which can include their own data.

DATA BREACH. A new site lets users search through data of millions of Filipinos. Screenshot from site.

The data itself, based on a number of reports, includes birthdates, fingerprint data, names of relatives, one’s personal address, citizenship information, passport information, and other miscellaneous information. (READ: Experts fear identity theft, scams due to Comelec leak)

Unlike an earlier searchable index from Have I Been Pwned – which only informed the scope of the breach to individuals – none of the information stored on the searchable website is kept private from any other individual. This means anyone with a passing interest and a name in mind can now search for additional information on potentially millions of registered voters. (READ: Is Comelec liable for website data leak?)

“We thought that it would be fun to make a search engine over that data,” the website said.

According to Whois registration information, the registrant for the site appears to be from Russia.

Raising alarm

IT experts on Thursday night identified steps to mitigate the impact of the leak. (READ: After Comelec data leak, what to do to protect yourself?)

Security experts previously raised an alarm over the potential issues of the data breach. Security firm Trend Micro said that the breach made Filipino voters “susceptible to fraud and other risks.”

Troy Hunt, who maintains the Have I Been Pwned website which earlier confirmed the extent of the breach and allowed users to check their names against known email addresses from the leak, was alarmed that the Comelec site was “an absolute mess of huge volumes of data, tables with suffixes which appear to indicate copies or duplication, draft or temporary data and inconsistent (and frequently insufficient) cryptographic storage of sensitive data.”

Meanwhile, a suspected hacker of the Comelec website has been captured, and is now in government custody.

While the site does list many names of affected individuals, it should also be noted that not being listed on the site does not ensure that you are safe from the extent of the data leak.  –

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI

How does this make you feel?

Download the Rappler App!