Department of Information and Communications Technology (DICT) Secretary Ivan John Uy said Tuesday that there had been serious lapses in the "supposed leak" from the Philippine National Police (PNP) database, which compromised the details of 1.2 million records of employees and applicants.
"Definitely, there were serious lapses in procedure. First, if you want to do that kind of system, dapat siguro nagpaalam kayo sa IT department niyo at sa head ng agency niyo na gagawa kayo ng ganitong sistema at dapat inapprove nila," Uy told reporters.
(They should have asked permission from their IT department and the agency head should have approved the system.)
Uy said the matter is already being investigated by the National Privacy Commission because "it is a violation of the Data Privacy Act."
Those at fault will surely be held accountable, Uy stressed.
"Of course. They will have to be held accountable. But again, the job now is with the National Privacy Commission to study and investigate and recommend kung anong appropriate sanctions," he said.
Uy, however, said what happened was not a hack or breach.
"So it's not a hack, it's not a breach. There was no intrusion kung baga into any government system," Uy said.
(There was no intrusion in any government system.)
According to a report from Jeremiah Fowler at vpnmentor.com, the leaked data includes documents of academic and personal history.
These include birth certificates, educational record transcripts, diplomas, tax filing records, passports, and police identification cards. Copies of fingerprint scans, signatures, and required documents were also found.
These were from different agencies like the PNP, National Bureau of Investigation (NBI), Bureau of Internal Revenue, Special Action Force Operations Management Division, and Civil Service Commission, amongst others.
A resolution has been filed in the Senate seeking a probe into the reported PNP data leak. —VAL, GMA Integrated News