Poll fraud, identity theft possible after Comelec website hacked – Migrante
April 14, 2016
Shah Sheikh (1294 articles)

Poll fraud, identity theft possible after Comelec website hacked – Migrante

A GROUP advocating the rights of overseas Filipino workers on Wednesday slammed the Commission on Elections (Comelec) for supposedly downplaying the “potentially massive and damaging effects” of the recent hacking of the poll body’s website.

“If all personal information would be used to rig the automated elections, the Comelec should not dismiss its possible repercussions and carry on as ‘business as usual,’” said Migrante party-list first nominee Garry Martinez, adding that overseas absentee voters were “especially concerned” since the absentee voting already started last April 9.

Martinez said repercussions of a breach in database could have been preempted had the Comelec complied with the requirements stated in the Automated Election System and e-Commerce laws, such as the public release of the new source code, a mechanism to verify whether the vote counting machines can accurately read, record and transmit votes and the activation of other security features.

“Because of these, we have no way to determine if the correct program is installed in the VCMs. We also have no way to verify if the votes cast are the ones being read, recorded and transmitted to the Comelec’s central server,” Martinez said.

“The hackers have only proven, however punitively, how vulnerable the AES is. Kung ginawa ng Comelec ang mga security measures, hindi mangyayari ito.  Paano na ngayong compromised ang central database ng Comelec? Bulag na talaga tayo,” he added.

But Comelec spokesperson James Jimenez assured the public that sensitive biometrics data were not included in the database leak by a hacker group, saying that the hacking would not compromise elections results and that the data inside the Comelec could not be manipulated.

The National Bureau of Investigation said they have now a lead on those behind the hacking of the Comelec website, which was consecutively breached by Anonymous Philippines and LulzSec Pilipinas last March 27.

Saying that the integrity of the elections and personal security and information are at risk, Martinez also warned of identity theft as he called on overseas voters to be vigilant.

“Every registered OAV is now susceptible to electoral fraud and identity theft. The 1.3 million OAVs are most vulnerable because their passport details have been exposed. Matched with their names, photos, birth dates and signatures, they are more open to different types of fraud because their personal information is more than 99% accurate. This means that even their bank accounts and remittances can be accessed. Who should be accountable and held liable for this security breach?” he added.

Source | Inquirer