Leaked Comelec data could be used in criminal activity —PNP cybercrime unit

The Philippine National Police Anti-Cybercrime Group has expressed alarm over the website which supposedly makes available personal information allegedly stolen from the Commission on Elections database.

Superintendent Robert Reyes of the PNP-ACG said the extent of information that could be accessed through the site could be used in criminal activities.

The site allows users to gain access to person’s basic personal data including one’s civil status, birthdate and place, residential address, relatives, and for some, even passport numbers.

“Ang very obvious ay identity theft, personality cover,” Reyes said.

“Tulad niyan may passport number. Mag-search ka ng passport image, i-edit mo at ilagay mo ‘yung passport number. Mayroon ka ng photocopy ng passport at puwede ka ng kumuha ng ibang valid ID,” he added.

Reyes said that there was not much people can do about the availability of the data because the information is already uploaded online.

However, he said financial institutions have to beef up their security measures to prevent criminals from using others’ identity.

“Yung mga banks or other agencies and financial institutions kailangang magdagdag ng other step of security to verify the authenticity ng mga information na iproprovide ng mga aplikante nila dahil baka ma-scam sila,” Reyes said.

Government action needed

Information systems expert Raymund Sarmiento echoed Reyes sentiments, saying the site poses lots of trouble.

Initially, the database could be downloaded easily via torrent. However, that data could not be easily read by itself.

“Hindi siya basta-basta nababasa kasi nga parang may specific format ng database na kailangan technical guy talaga ang magbubukas,” Sarmiento said.

But with a searchable database now available to everyone online, Sarmiento said that the only solution to the problem is to take the site down.

“Kailangan ng government na i-put down ang site. Ang approach diyan, everytime na may mag-up ng ganiyang site, kailangang itake down,” the IT specialist said.

“Ang kailangang gumawa ng move is Comelec mismo with the help of NBI (National Bureau of Investigation), kasi sa kanila galing ‘yung data eh,” he added.

Meanwhile, he warned people to be vigilant with people possibly having access to the personal information.

“Ang puwede lang magawa, i-inform ‘yung household na kung may mga nagtatanong, huwag basta-basta i-entertain,” he said.

A quick search on Domaintools.com, shows that the site is registered to Alex Petrenko. It was created April 8 this year using good.bad.or.fake@gmail.com as email address.

Comelec Spokesperson James Jimenez, in a statement posted on Twitter, said they are coordinating with the NBI Cybercrimes Division in looking into the website.

Jimenez warned the public not to use the site.

“We advise the public not to use the hacker website as it can be used by the hackers to steal your information and thus expose you even further to the dangers of identity theft,” Jimenez said. —NB/JST, GMA News