Comelec to investigate alleged data breach of vote-counting machines usernames and PINs: 'Such information still does not exist'
The Commission on Elections (Comelec) is currently investigating a report of a group of hackers allegedly breaching its servers, compromising sensitive voter data relating to 2022 polls.
Manila Bulletin published an article on Jan. 10 stating that hackers were able to gain 60 gigabytes of files including usernames and PINs of vote-counting machines, network diagrams, IP addresses, domain admin credentials, and more.
According to the report, the data breach was discovered by the outlet's Technews on Jan. 8, Saturday after they were contacted by an unnamed source. The team "promptly verified" the hacking and immediately informed Comelec spokesperson James Jimenez, who said he would bring the information to the attention of the Comelec Steering Committee.
On Jan. 10, Jimenez said he has yet to get a response from the committee.
However, the poll body expressed doubt for the claims in a statement released on the evening of Jan. 10. It said that the stolen information "still does not exist in Comelec systems simply because the configuration files—which include the usernames and PINs—have not yet been completed."
Jimenez further questioned the truth of the claim by noting how the article did not offer proof of verification.
"We invite the authors to shed light on their allegations, particularly with regard to the 'verification' they claim to have carried out," he said.
Candidates on the alleged data breach
Presidential aspirant Vice President Leni Robredo and her running mate Francis "Kiko" Pangilinan expressed their alarm over the reported hacking on Jan. 11.
"We ask Comelec to immediately confirm if it happened and the extent of the compromise involved," they said in a joint statement. "The welfare of the people, more than the candidates, is paramount. This election is for their future and they should not have any doubt about the process and its result."
Manila Mayor Isko Moreno has also issued a statement on the data breach, urging the poll body to assure the public that the reported hacking won't compromise the integrity of the May 9 poll.
"Make these hackers, these culprits, pay for the crime they committed! Whether they are from within or outside the Comelec, this brazen act, which further attempts to diminish the integrity of the upcoming 2022 elections, should not go unpunished," he said.
Sen. Ping Lacson also expressed his concerns over the issue, saying Comelec should "clarify the veracity of the hacking incident."
He also said the poll body "should be open to letting experts and related stakeholders help strengthen the security system."