The hacked voting records of millions of Filipino citizens have been made public and searchable.
Earlier this month, the entire database of the Philippines' Commission on Elections (COMELEC) was breached, leading to the potential theft of 55 million records of private Filipino citizens. As of 2016, the country had a population of just over 100 million, making the number of records breached over half the population of the country.
It seems the breach only added to COMELEC's embarrassment as, just the previous month, another hacker group defaced its website. The vandals exhorted the commission to improve its own security as well as the security of its automated voting system coming up to the 9 May elections.
COMELEC officials were quick to say that no sensitive information had been stolen, though they admitted that the COMELEC website did not have particularly high security.
Now, it appears, those millions of records have been taken and published online in a searchable, Google-style format. The information includes sex, birthdate, civil status, addresses and precinct code. Cyber-security company Trend Micro, in its own analysis of the incident, mentions that the dump includes fingerprint data and a list of COMELEC officials with administrator access as well as 1.3 million overseas Filipino voters.
Responding to the news that the files had been made into a digestible format, James Jimenez, spokesperson for COMELEC
Statement. pic.twitter.com/fwyxrOxyS0 — James Jimenez (@jabjimenez) April 21, 2016
Jimenez mentioned that the Philippines' National Bureau of Investigation Cybercrimes Division is now “investigating the matter”.
Jimenez added, “We advise the public not to use the hacker website as it can be used by the hackers to steal your information and thus expose you even further to the dangers of identity theft.” Jimenez concluded by saying that one of the hackers responsible for the breach had already been apprehended.
But why publish? Why not just sell this info on? Chris Boyd, a malware intelligence analyst at Malwarebytes, speculated to SCMagazineUK.com that the group who published the records “may well be frustrated with what they see as a lack of response from both COMELEC and the higher echelons of government”.
Boyd added, “If Philippine citizens were in any doubt as to the scale of the breach, the hackers now have their full attention in terms of how big a problem this could be.”
The site that has uploaded this great wealth of data offers its own justification. “Why are we doing this”, the authors asked, continuing: “For lulz. Hackers just hack and download data from websites but we make it accessible for anyone. It's one thing to hear news about a huge data leak and another to see your data in a public website. Maybe, at least now, government will start thinking about security of citizens' personal data.”
Though COMELEC officials claimed that “no sensitive information” was taken during the breach, the miscreants behind the uploading of the data added: “The database contains a lot of sensitive information, including fingerprint data and passport information. So, we thought that it would be fun to make a search engine over that data.”
Malwarebytes took a look at some of the published information and confirmed that much of it is legitimate.
Whatever odd public service these hackers might feel they're doing, Boyd knows that they can't ensure the information is used in a noble way, even if that's the intention: “A mass data dump paves the way for everything, from marketing companies scraping the data to phishers being given instant access to one of the most comprehensive hauls on the planet, in terms of basic personal information.”
Boyd added, “Social engineering and confidence tricks are very popular in the Philippines, and this will only aid scammers in the long term.”