Manila Bulletin: Comelec servers hacked, possible leak of voters data

The servers of the Commission on Elections (Comelec) were allegedly attacked by a group of hackers on Monday, January 10.

Comelec information compromised

Comelec information was stolen by hackers

In an exclusive report released by Manila Bulletin's (MB) Technews team, a group of hackers has downloaded more than 60GB of data that could affect the May 2022 elections. It was not specified what "sensitive voter information" has been compromised but this and may not include voters' personal information including fingerprint data, passport information, etc.

The said hacking incident was discovered by the MB Technews team. They found that the hackers' group has breached the system of Comelec on Saturday, January 08. According to the report, the hackers downloaded "files that included, among others, usernames and PINS of vote-counting machines (VCM)."

Sensitive data downloaded also included [a] list of overseas absentee voters, location of all voting precincts with details of board of canvassers, all configuration list of the database, and list of all user accounts of Comelec personnel, said MBTechnews.

The MB Technews team immediately informed Comelec Spokesperson James Jimenez of its findings. Jimenez has since reported the incident to the Comelec Steering Committee.

During a call with MB Technews today, Jimenez said he has yet to get a reply from the Comelec Steering Committee. 

The other downloaded files were network diagrams, IP addresses, list of all privileged users, domain admin credentials, list of all passwords and domain policies, access to the ballot handling dashboard, and QR code captures of the bureau of canvassers with login and password, MB Technews team added.

MB Technews has disclosed that a source contacted and provided them the information regarding the incident last Saturday, January 08.

MBTechnews promptly verified this information and found that there was, indeed, an ongoing hacking of the servers. Further investigation showed the extent of the hacking to include the Comelec information that [was] stolen by the hackers, the report wrote.

Update: Comelec reporter for Rappler Dwight De Leon obtained a statement from Comelec spokesman James Jimenez regarding the matter. You may read the full statement below:

NEWS UPDATE: Comelec says it is validating a Manila Bulletin report which alleges that a group of hackers has breached its servers and downloaded sensitive data that could potentially impact the 2022 polls. @rapplerdotcom pic.twitter.com/fTj2s5EDQg

— Dwight De Leon (@newsdwight) January 10, 2022

What do you guys think?

Source: Manila Bulletin