Privacy watchdog tells Comelec to explain alleged hacking by Jan. 21


Posted at Jan 12 2022 12:31 PM | Updated as of Jan 12 2022 04:42 PM

MANILA (UPDATE)- The National Privacy Commission said Wednesday the Commission on Election should explain the alleged hacking and data breach reported by the Manila Bulletin not later than Jan. 21.

In a statement, the NPC also said it has issued separate orders to the Comelec, MB tech editor Art Samaniego and Manila Bulletin to appear for a "clarificatory" meeting via teleconference on Jan. 25.

"The COMELEC must address the serious allegations made in the Manila Bulletin news report and determine whether personal data were indeed compromised, particularly personal information, sensitive personal information, or data affecting the same, which were processed in connection with the upcoming 2022 national and local elections," NPC commissioner John Henry Naga said.

"COMELEC is also directed to conduct a comprehensive investigation on the matter and submit to the NPC the results thereof no later than January 21, 2022," he added.

Manila Bulletin earlier reported that an estimated 60 gigabytes of data, which possibly contain personal information, were allegedly accessed by hackers, the NPC said. 

Comelec spokesperson James Jimenez earlier questioned Manila Bulletin report. But the agency said it was conducting its own investigation.

Naga said the NPC would not tolerate any violation of the Data Privacy Act "including negligence in implementing organizational, physical and technical security measures on date processing."


In a tweet, Partido Reporma presidential aspirant Senator Panfilo Lacson welcomed NPC's move to have Samaniego explain the allegations of hacking and data breach.

“Good thing that the National Privacy Commission has stepped into the picture to summon the author of the Comelec hacking story, Mr. Samaniego to get the 'proof' which he earlier claimed he has. It is now best to await the developments before further commenting on the issue,” Lacson said.

Lacson earlier said his campaign’s in-house Comelec-accredited cyber-security team is currently conducting its own investigation to get initial information and urged the Comelec to “clarify the veracity of the hacking incident and be forthright with its findings.”

The presidential aspirant added that the Comelec should also be “open to letting experts and related stakeholders help strengthen the security system,” including cybersecurity experts and those of other aspirants.

“Only through transparency and accountability can we guarantee the integrity of the upcoming elections,” he said.

“Our elections on May 9 could not have come at a more critical time. This is not just about the individual candidates, but about upholding our democracy which, if the hacking turns out to be true, is gravely being threatened,” he added.

On the other hand, presidential aspirant Ka-Leody De Guzman urged Comelec to be transparent and share the information that they have with the public. 

De Guzman asked the commission's plans in securing voters' data, most especially that this was not the first time that it happened. 

"Ilabas sa publiko ang lahat ng detalye ng mga nakumpromisong inpormasyon at papaano ito nangyari kahit na ginagarantiyahan ito ng mismong Comelec at pribadong kumpanyang Pro V&V," he said. 

(They should release the compromised information to the public and tell us how it happened even if this was guaranteed by the Comelec and private company Pro V&V.) 

"Ano ang kanilang plano para i-secure ang mga panibagong source codes at paano nila maiiwasan na ito’y ma-breach."

(What are their plans to secure the new source codes and how would they prevent the data breach.)

The Philippines is set to hold the 2022 Presidential poll this coming May.

-- With reports from Willard Cheng and Josiah Antonio, ABS-CBN News


Watch more on iWantTFC