Anonymous Hackers Infiltrate Philippines’ Election Website, 55 Million Philippine Voters PII Leaked

Data of more than 55 million registered voters in the Philippines is at potential risk, as hackers have reportedly managed to infiltrate the Philippines’ Commission on Elections (COMELEC) entire database.

Anonymous Philippines, a branch of the online hacktivist group, hacked into the COMELEC website on March 27, and left a defacement message on the site warning of a possible fraud during next month’s election before removing the defacement message two days later. The hackers also posted a video on social media, warning officials not to tamper with the public’s vote and claim they only want fair elections.

Speaking in the video, Anonymous said: “COMELEC, it is your mandate to protect the integrity of our votes. The people want an honest election. We demand legitimate election results. We hope for encouraging changes in the electoral system,” the hackers said in their video.

On the same day as the hack, n3far1ous, one of the group’s members, hinted that the group could do more damage if their warning was not heeded. “Dear COMELEC, do you think it is impossible to dump the whole database? Well, think again..” the hacker wrote in a Facebook post.

However, their forewarning became a reality on April 6, when security firm Trend Micro discovered that a second hacking group, LulzSec Philippines, also hacked the website and is behind the leak on information of 55 million people.

This incident puts pressure on the COMELEC and their Automated Voting System (AVS). In a statement in the Trend Micro report, COMELEC spokesperson James Jimenez confirmed that the security of the website is not high but he pointed out that the AVS ran on a different, more secure network and that the recent hack will not affect the voting machines. Jimenez is confident of the security features of the AVS and reassured the public that things will go smoothly during the elections.

While COMELEC officials claim that no sensitive information was stored in the database, Trend Micro research showed that the data dumps includes 1.3 million records of overseas Filipino voters, which included names, addresses, birth dates, ID cards, passports, data on candidates, parties, overseas voters, 15.8 million record of voter fingerprints and list of people running for office since the 2010 elections.

This leak may turn out as the biggest government related data breach in history, surpassing the Office of Personnel Management (OPM) hack last 2015 that leaked PII, including fingerprints and social security numbers (SSN) of 20 million US citizens. Also, this leak comes after an unknown hacker leaked the details of nearly 50 million Turkish citizens.

Presidential elections in the Philippines are scheduled for May 9.