Sign in / up

back to article Megabreach: 55 MILLION voters' details leaked in Philippines

A massive data breach appears to have left 55 million Philippine voters at much greater risk of identity fraud and more. Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history. The …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. JeffyPoooh
    Pint

    "...15.8 million record of fingerprints..."

    Hashes, or actual images?

    Not that it really matters... We tend to leave them around everywhere.

    As has been pointed out, they're usernames (not passwords).

    4 0 Reply
    1. CrazyOldCatMan Silver badge
      Reply Icon

      Re: "...15.8 million record of fingerprints..."

      > Hashes, or actual images?

      >Not that it really matters...

      It does matter - especially if the hash is engineered to be non-reversable (I used to work for a company that made fingerprint readers and ours were specifically engineered to not be reversable - unlike quite a few of our competitors..)

      So it's the difference between someone being able to make a convincing clone of your fingerprint and not.

      Although I agree in one sense - with all the other info in the dump I suspect that fingerprints will be one of the last things the bad guys will try to use.

      0 0 Reply
  2. frank ly

    Cynicism?

    "We will be using a different website for the election, especially for results reporting and that one we are protecting very well,”

    Yes, you wouldn't want anyone interfering with the reporting of results of an election; that's the government's job.

    4 0 Reply
  3. Pascal Monett Silver badge
    Trollface

    30 million here, 50 million there

    Pretty soon nobody will have the luxury of being able to hide anything.

    Hmm, maybe there's a correlation somewhere. Anybody know what the NSA is doing ? Silly me, of course they're behind all this.

    3 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: 30 million here, 50 million there

      > Pretty soon nobody will have the luxury of being able to hide anything.

      Maybe we're going about this the wrong way.

      Problem: if someone learns your national identity number they can commit identity fraud by claiming to be you.

      Solution: *Publish* everyone's national identity number. Then knowledge of somebody's identity number automatically has *zero* trustworthiness. Banks and the like would be forced to use other methods to confirm your identity.

      Repeat for credit card numbers etc.

      2 0 Reply
      1. tom dial Silver badge
        Reply Icon

        Re: 30 million here, 50 million there

        The downside, of course, is that everybody's existing accounts already are identified by the national ID number.

        0 0 Reply
  4. Derichleau

    The ICO has recently confirmed (RFA0612308) that ANY information found in the public domain does not require consent to process it. In other words, if this breach were related to UK individuals, then any UK organisation would not be unlawfully processing personal information by processing it - even if they were well aware that it had come from a breach. They'd be unfairly processing the information sure, but not unlawfully because for it to be unlawful - section 55 of the DPA, they would have to knowingly process the information without the consent of the data controller. But according to the ICO, consent is not required for information that is found in the public domain.

    4 1 Reply
    1. splodge
      Reply Icon

      Being on the internet does not mean it's in the public domain

      2 0 Reply
  5. BurnT'offering

    “I want to emphasise that the database in our website is accessible to the public,”

    Yes, but was it supposed to be?

    3 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    Weird week ...

    Panama.

    Turkey hack (remember that ?)

    Superinjunction.

    Now this .....

    2 0 Reply
  7. Mark 85

    I swear that I've read the links and the article a few times and I'm of the belief that the late Mohammed Saeed al-Sahhaf has been re-incarnated.

    1 0 Reply
  8. Anonymous Coward
    Anonymous Coward

    Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history.

    Wasn't the Turkey one 79 million people exposed?

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like