Anatomy of a Breach: Philippines COMELEC — 55 Million Voters' Personal Data Published Online

> series: anatomy_of_a_breach —— part: 088 —— target: philippines_comelec —— records: 55,000,000 —— data: fingerprints_passports

Hedgehog Security 30 April 2016 12 min read

55 million voters. Fingerprints. Passport numbers. Published online before an election.

In March 2016, hacktivist group Anonymous Philippines defaced the website of the Commission on Elections (COMELEC), demanding improved security for vote-counting machines ahead of the May 2016 Philippine general election. Days later, a separate group calling themselves LulzSec Pilipinas published the entire COMELEC voter database online — approximately 55 million records containing names, addresses, dates of birth, marital status, passport numbers, and — for voters who had registered using the new biometric system — fingerprint data.

The breach exposed the personal data of virtually the entire voting-age population of the Philippines (approximately 60 million registered voters) just weeks before a national election. The leaked data — searchable online — created risks of identity theft, voter intimidation, and targeted disinformation at a national scale. The breach also included data on overseas Filipino voters, extending the exposure to Filipino communities worldwide. Trend Micro, which analysed the leaked data, described it as potentially the largest government data breach in history at the time.



Voter data breaches threaten democratic processes.

The COMELEC breach occurred in the same year as the DNC hack — together establishing 2016 as the year election security became a global concern. While the DNC hack targeted a political party, the COMELEC breach targeted the electoral infrastructure itself — the voter rolls that underpin the democratic process.

Biometric Data Cannot Be Reset

Like the <a href="/blog/anatomy-of-a-breach-opm">OPM fingerprint theft</a> in 2015, the COMELEC breach exposed biometric data that cannot be changed. Stolen fingerprints represent a permanent compromise — those 55 million individuals' biometric identifiers are compromised forever. For organisations deploying biometric systems, our <a href="/penetration-testing/infrastructure">security assessments</a> evaluate biometric data protection.

Election Integrity at Risk

Voter data can be used for targeted disinformation, voter intimidation, and manipulation of electoral processes. The breach occurred weeks before a national election, creating maximum potential for democratic disruption. For <a href="/blog/sector-under-the-microscope-local-government">UK local government</a> bodies responsible for electoral processes, the COMELEC breach demonstrates the critical importance of securing voter data.

Government Databases Remain Under-Protected

From <a href="/blog/anatomy-of-a-breach-hmrc-child-benefit-data-loss">HMRC</a> (2007) through <a href="/blog/anatomy-of-a-breach-opm">OPM</a> (2015) to COMELEC (2016), government databases consistently demonstrate inadequate security relative to the sensitivity of the data they hold. <a href="/cyber-essentials">Cyber Essentials</a> provides the baseline for public sector data protection.

Hacktivism and Election Timing

The breach was motivated by hacktivist concerns about election security — but the resulting data publication created exactly the kind of threat to electoral integrity that the hacktivists claimed to oppose. <a href="https://www.socinabox.co.uk">SOC in a Box</a> monitors for hacktivist reconnaissance and <a href="https://www.cyber-defence.io/services/threat-intelligence">UK Cyber Defence's threat intelligence</a> tracks hacktivist activity targeting specific sectors.

Voter data demands the highest protection.

For any organisation responsible for electoral data — local councils, electoral registration officers, election technology vendors — the COMELEC and OPM breaches establish that voter and citizen data must be protected with controls commensurate to its sensitivity and the catastrophic consequences of its exposure. Cyber Essentials certification, regular penetration testing, continuous SOC monitoring, and incident response capability are not optional for organisations that hold the data that underpins democratic processes.


55 million voters exposed. Does your organisation hold citizen data?

<a href="/penetration-testing">Penetration testing</a> secures your databases. <a href="/cyber-essentials">Cyber Essentials</a> establishes the baseline. <a href="https://www.socinabox.co.uk/sectors/local-councils">SOC in a Box for Local Government</a> monitors 24/7.
