The Commission on Elections (Comelec) on Friday announced that a website built by hackers containing a massive leak of almost 55 million registered voters has been taken down.
Comelec spokesman James Jimenez said the automated elections will be run on a different server, not on the one that was hacked, and that experts say the polls on May 9 are unlikely to be compromised.
The United States Department of Justice helped to disable the website that angered Filipinos Thursday upon finding their names and personal information on the website.
The leaked data include voters’ names, birthdays, home addresses, email, parents’ full names and, in some cases, passport details and text markers of fingerprints.
A hacker group had defaced the website of the Comelec in March, and on April 6, a second hacker group posted the entire database online, with mirror links where the data could also be downloaded, according to a research by Internet security company Trend Micro. The Tokyo-based company first reported on the breach.
Trend Micro said with the breach, “every registered voter in the Philippines is now susceptible to fraud and other risks.”
“With 55 million registered voters in the Philippines, this leak may turn out as one of the biggest government-related data breaches in history,” it said.
Jimenez said the leaked data that were uploaded online were not fingerprints but text markers that cannot recreate the fingerprints.
Presidential spokesman Herminio Coloma condemned the cyber attack and said government agencies were closely coordinating with the commission to further strengthen its security protocols. He vowed to prosecute the perpetrators.
“Although verifications, that have been made thus far, have shown that the integrity of the automated election system has not been affected by the latest cyber attack, we share the public’s concern on the ill-effects of this act,” he said.
Government agents late Wednesday arrested Paul Biteng, a 23-year-old suspect, a new graduate of information technology, in his home in Manila. The suspect told them he defaced the site not to get money but for bragging rights.
Officials are hunting down his alleged accomplices.
The latest hacking scandal comes amid an investigation into the cyber theft of $101 million from the Bangladesh central bank’s account in the Federal Reserve Bank of New York, and the money’s transfer to the Philippines and Sri Lanka.