NBI arrests hacker of Comelec website

Zyann Ambrosio, ABS-CBN News

A photo of the suspect in the Comelec website hacking.

MANILA - The National Bureau of Investigation on Thursday announced the arrest of a suspect in the hacking of the Commission on Elections public information website.

The suspect, a 20-year-old IT graduate, may face charges for violating the Anti-Cybercrime Act.

Comelec Chairman Andres Bautista and NBI Director Virgilio Mendez announce the arrest of a suspect in the Comelec website hacking. Zyann Ambrosio, ABS-CBN News

In a press conference, Comelec Chairman Andres Bautista said the hacker admitted that he defaced the Comelec website.

"Gusto raw niya siguraduhin lahat ng security features ay ipapatupad ng Comelec. We assured him na lahat ng security features na sa election law ay ipapatupad," Bautista said.

He added: "Iba yung gagamiting website sa resulta (ng halalan). Ang na-hack ay yung public information website."

Bautista assured the public that the hacking incident will not affect the automated nationwide elections. He said the defacement only affected several features of the Comelec website such as the precinct finder.

NBI Director Virgilio Mendez said the agency will apply for a series of search warrants for the remaining hackers. The NBI Cybercrime Division is also investigating if the hacker is involved in the defacement of other government websites.

Hackers from Anonymous Philippines defaced the Comelec website last March 27. In the message posted on the website, the group criticized the poll body for rejecting some of the security features of the automated polls.

Trend Micro, a global security software company, earlier said the personal data of 1.3 million overseas Filipino voters, including their passport information, as well as fingerprints of 15.8 million people were compromised in the hacking of the Comelec site.

It said the data dump "may turn out as the biggest government related data breach in history."

Comelec hacking threatens security of voters: Trend Micro

"Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible for everyone. Interestingly, we also found a whopping 15.8 million record of fingerprints and list of peoples running for office since the 2010 elections," Trend Micro said.

It added that among the data leaked online by hackers were files on all candidates running in the election "with the filename VOTESOBTAINED."

"Based on the filename, it reflects the number of votes obtained by the candidate. Currently, all VOTESOBTAINED file are set to have NULL as figure," the security software company said. "The Comelec website also shows real time ballot count during the actual elections. While Comelec claims that this function will be done using a different website, we can only speculate if actual data will be placed here during the elections and if tampering with the data would affect the ballot count."

It warned that criminals can use the leaked personal information of Filipino voters for extortion and other illegal activities. "In previous cases of data breach, stolen data has been used to access bank accounts, gather further information about specific persons, used as leverage for spear phishing emails or BEC [Business Email Compromise] schemes, blackmail or extortion, and much more.

During the press briefing, Bautista said the Comelec has formed a technical working group to study the possible recovery of any data compromised by the hack.

KNOW THE WHOLE STORY