PNP looking into possible violations, lapses in database leak

The Philippine National Police (PNP) is now looking into possible violations and lapses in the reported leak of its database.

In a statement issued Thursday, the PNP said it took actions in response to the report of the National Privacy Commission (NPC) about the leak, which compromised the details of 1.2 million records of employees and applicants.

“As an immediate response to the said report by the NPC, the Anti-Cyber Crime Group (ACG) of the PNP is currently exerting efforts in fast-tracking its internal investigation to determine if there are possible violations of provisions of Republic Act 10173 (Data Privacy Act of 2012),” it said in a statement.

“Likewise, the Directorate for Information and Communication Technology (DICTM) is currently conducting an assessment of the systems to determine possible violations or lapses in protocols and procedures,” it added.

According to a report from Jeremiah Fowler at vpnmentor.com, the leaked data includes documents of academic and personal history.

These include birth certificates, educational record transcripts, diplomas, tax filing records, passports, and police identification cards. Copies of fingerprint scans, signatures, and required documents were also found.

These were from different agencies like the PNP, National Bureau of Investigation (NBI), Bureau of Internal Revenue, Special Action Force Operations Management Division,  and Civil Service Commission, amongst others.

Department of Information and Communications Technology (DICT) Secretary Ivan John Uy said Tuesday that there had been serious lapses in the “supposed leak” from the PNP database.

The PNP said it is now closely collaborating with DICT “to ensure the security, safety, and privacy of information in the custody of the PNP to strictly comply with the provisions of the Data Privacy Act.” — RSJ, GMA Integrated News