The Commission on Election’s official website has been hacked twice this week – its homepage was defaced and then its entire database was made available for anyone to download.
Hacktivist group Anonymous Philippines claimed responsibility for the first attack on the night of March 27, 2016. It replaced the website’s home page with the group’s logo and a warning message to implement the security features of the PCOS machines.
| COMELEC website defaced by Anonymous Philippines. |
The second attack was a database dump claimed by Lulzsec Pilipinas. The hacker essentially transferred around 340GB of data from the COMELEC website to his/her own website.
I examined some of the files and they seem legit. It includes simple information such as forms and memos to sensitive ones like cases, login credentials and BEI and voter details. Most are encrypted though which means they are not readable without further processes.
| Database dumps from COMELEC’s website now on hacker’s website. |
The COMELEC’s website was successfully brought back up at 3:15 am of March 28. Comelec spokesman James Arthur Jimenez assured that the hack won’t affect the upcoming elections since the website www.comelec.gov.ph is different than what will be used by the Vote Counting Machines.
He also said that the databases are “actually available for public use.” Anyone can go to the website and check their precinct number or view the different candidates.
