Skip to main content

Massive data breach leaves 55 million Filipino voters exposed

The Philippines will no longer be known only by its lush green countryside and blossoming tourism – it will also be known by the world's biggest ever government data breach.

Security firm Trend Micro has reported on Wednesday that Philippines’ Commission on Elections (COMELEC) was breached, with the data of 55 million voters exposed, risking first and foremost – identity theft.

According to The Register, Anonymous Philippines, the local branch of the global hacktivist group Anonymous, was behind the breach, defacing the COMELEC site on March 27 and warning the government to tighten up on cyber-security.

Days later, another group, LulzSec Pilipinas, posted the data dump online.

In the local media, the government has played down the breach, saying nothing of importance was taken.

“I want to emphasise that the database in our website is accessible to the public,” COMELEC spokesperson James Jimene said to the Philippine Daily Inquirer.

“There is no sensitive information there. We will be using a different website for the election, especially for results reporting and that one we are protecting very well,” he added.

However, Trend Micro begs to differ.

Not only is there sensitive information, but the data is sitting in plain text.

"Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible for everyone. Interestingly, we also found a whopping 15.8 million record of fingerprints and list of peoples running for office since the 2010 elections.”

National elections in the country are scheduled for May 9.

Image Credit: Shutterstock/Benoit Daoust