The Department of Information and Communications Technology (DICT) will investigate the suspected hacking incident on the Commission on Elections (Comelec) data.
Acting Secretary Emmanuel Rey Caintic has directed the department’s Cybersecurity Bureau to start its inquiry into the alleged hacking of the polling organization’s data.
According to the DICT, the order was based on a January 10, 2022 story published by the Manila Bulletin, which stated that hackers reportedly gained access to the Comelec’s servers and seized critical material, including usernames and personal identification numbers of vote-counting machines (VCMs).
According to the Manila Bulletin Tech News team, 60 terabytes of data were illegally obtained from the servers.
“While the Comelec has denied the report through spokesperson James Jimenez, it is in the interest of the citizenry and of the country to feel secure in the electoral process. This is why I have tasked the DICT’s Cybersecurity Bureau to immediately and independently investigate these allegations,” Caintic stated.
“If information was truly stolen, there is still time to implement the required reforms and safeguards to ensure a fair, honest, and efficient election,” he added.
The Comelec has stated that it is validating the claimed hacking of poll data and has questioned the credibility of the news, claiming that there is nothing to hack because such data is not yet available.
For his part, DICT Cybersecurity Bureau Director Jose Carlos Reyes stated that his staff is already working closely with the polling organization.
“The National Computer Emergency Response Team of the Cybersecurity Bureau has been coordinating and assisting the Comelec Information Technology Department Director Jeannie V. Flororita on this matter,” Reyes added.
The National Privacy Commission (NPC) is also examining the claimed data hacking incident, stating that the poll body shall also investigate the matter and disclose its findings to the NPC by January 21.
The NPC directed that the involved parties — Comelec, Manila Bulletin, and Art Samaniego Jr., Technology editor and IT head of the Manila Bulletin — appear in a clarifying meeting on January 25, 2022.
“The upcoming elections have highlighted the need to tighten measures in protecting the information gathered from our stakeholders and preventing its use outside the intended purpose. Rest assured, the DICT Cybersecurity Bureau will support the Comelec to ensure that any attempt of data breach does not compromise the integrity of the elections,” stated DICT Assistant Secretary for Cybersecurity Atty. Kristoffer Tiansay.