Every Voter In The Philippines Exposed In Massive Data Breach

schwit1 writes: "The database of the Philippine Commission on Elections has been breached and the personal information of 55 million voters potentially exposed in what could rank as the worst ever government data breach anywhere," according to Infosecurity Magazine.
The magazine attributes an initial web site breach to Anonymous, who were reportedly trying to persuade the commission to enable more security features on their automated vote-counting system before upcoming national elections on May 9. A second group named LulzSec Pilipinas then later posted the entire voter database online.

Trend Micro wrote that "Every registered voter in the Philippines is now susceptible to fraud and other risks after a massive data breach leaked the entire database of the Philippines' Commission on Elections." They report that the breached data even included 15.8 million fingerprint records, as well as 1.3 million records for overseas Filipino voters, including their passports' numbers and expiration dates, all stored in plain text.

Welp

Well that's not good.

Re:Welp

[MightyYar]

It might be good. If something like this happened in the US, it might finally wean our financial institutions off of using the stupid SS# as a universal id / security token. The whole system is setup to fail over something like this.

Re:Welp

Already has been with the massive OPM hack last year. They got the records of 22 million federal workers, including the SSN, and about 1 million of the records had fingerprints attached. It didn't change a damn thing.

Anonymous

[Black+Parrot]

The magazine attributes an initial web site breach to Anonymous, who were reportedly trying to persuade the commission to enable more security features on their automated vote-counting system before upcoming national elections on May 9.

How's that War on Trump going, guys?

Re:Anonymous

The concept of identity cannot be used to refer to an organisation, which is effectively an inverse of the concept of "organisation".

And yea, he is pretty and naive.

Question is not whether, but when you are affected

[ffkom]

Given the epidemic negligence regarding IT security everywhere in the world, you can expect things like this to happen in every country. People/companies who maintain your data will rather save 10 cents of money and 10 minutes of effort going on with insecure vs. secure solutions. Thus, the only data that remains safe is the data that you never entered or transmitted to anyone.

It doesn't have to be this way! Use OpenBSD.

It doesn't have to be this way!

Digital security is simpler than most people would realize.

The first thing to do is to use software that's developed by people who care a whole lot about security. That means the OpenBSD developers. They've shown us time and time again that they care a lot about security. They thoroughly audit their own code. They audit the code of other projects. They'll even fork, fix and maintain code written by others if it isn't up to their standards! Just look at the wonderful things they've done with the LibreSSL project, which time after time is not vulnerable to problems found in OpenSSL just because the OpenBSD developers put so much effort into making LibreSSL secure.

As long as the code you're using as been created by or vetted by the OpenBSD developers, there's a very good chance that it's as secure as you will practically hope to get. If security is what you're after, then OpenBSD is what you need!

Re:It doesn't have to be this way! Use OpenBSD.

tl;dr "If you use OpenBSD, the `when' is slightly later."

The solution to big data breaches is to abandon the concept of big data. I'd be happy with returning to paper records for many things, as the benefits of computerisation are often far over-rated, but many might not be.

Re: It doesn't have to be this way! Use OpenBSD.

I don't care how many SSL libraries and encryption packages are available. If dumbass programmers and IT pros store everything as clear text in a database, it is just a matter of time before a security breach leaks all the secrets.

Re:It doesn't have to be this way! Use OpenBSD.

[hey!]

There's a piece of wishful thinking.

Yes, it makes sense to choose platform with better security, but that doesn't make security easy, any more than <car_analogy>buying a Volvo makes you a safer driver:</car_analogy>

Here's the reason so many systems are insecure: confirmation bias. It works like this.

Q: How much will it cost to do the system?

A: X + Y dollars if we want do a good job with security.

Q: Well, in that case we're not doing it, because we only have X dollars. If we spent X dollars would that be secure enough?

A: Wishful thinking and confirmation bias kick in

Correction

[campuscodi]

Trend Micro did not break the news. It was CNN Philippines: http://cnnphilippines.com/news... Trend Micro just analyzed the data dump a week after it happened.

My God! public information made PUBLIC!!!!

The idea that voter information is private is a bit on the ridiculous side. Most election jurisdictions openly provide this information to political campaign groups. This information also needs to be public to prevent election fraud. If you are using fingerprints to identify voters, then someone needs to be able to verify that the fingerprints actually match the person and don't match a hundred other voters.

Public domain

On archive.org the complete data dump is labeled as public domain. Which it is, because these data belong to the Republic of the Philippines so they should be public, right?

Errrrrr

[JustAnotherOldGuy]

Someone needs to be penalized for this, but I'd bet a million dollars no one will be held accountable in any significant way.

Re:Errrrrr

Why just one person?

Re:Errrrrr

[h33t+l4x0r]

You don't understand how bad corruption is here. Politicians literally buy votes and nobody has a problem with it. "Running a negative campaign" in the Philippines means taking out a hit on your opponent. Hundreds of political assassinations every year, and the problem is unsolvable because the people have accepted it. The news is too scared to investigate or report on it so instead it reports on a drug problem that doesn't really exist.

Re: Errrrrr

Is it true a white guy can rent out half a dozen gilipino

Re: Errrrrr

Lets start that again.

Its been said that a white guy with a thousand bucks a month can live very well in the philippines. Is this true ?

Im talking 18-25 yo old hot women (really hot ones) aplenty and they are easy to get. Just find a cute one working in the cosmetics dept of a major store and ask her out, youre garanteed to get a yes.

Are these things true ?

Re: Errrrrr

Probably but you would likely get scammed out of all your money by an organized group that looks for people like you. She'd marry you and you'd likely end up dead.

Re: Errrrrr

[h33t+l4x0r]

No, things cost what they cost. The $4 starbucks you buy every morning is still $4. Groceries, rent, utilities, all about the same. So you might get a yes but you can't afford to take her anywhere nice on that budget.

Re: Errrrrr

In many areas of metro Manila, a thousand bucks (USD) a month is plenty if you eat the local food, are content to find one girl at a time and stick with her for at least a few weeks or a month at a time, and are willing to spend most nights at home.

If you need a more western life style (frequent dining out, shopping, traveling, etc.) plan on going out every night, and plan to frequently switch partners or maintain more than one partner at the same time, then plan on tripling your budget to at least 3K/month.

Re: Errrrrr

You'd be far better off in SE Asia. Cambodia is actually very nice, inexpensive, and the women are drop-dead gorgeous. You can live quite well there for $1000 to $1500 a month, no problem. Medical care can be iffy, but it's getting better by the day. Most people there go to Vietnam for world-class medical care.

There's no 911 service and some amenities are missing, but you can buy a nice home in a borei (a gated neighborhood) for $30K to $50K and never pay a dime in taxes for as long as you live. Food will run you anywhere from $10 to $20 a day, and that's in decent restaurants. Clothes are super cheap and phone service is super cheap. Internet service is also very affordable. Cars are expensive so plan on getting a moto or maybe a small vehicle (they're much more practical than trying to maneuver some big-ass SUV around the streets).

The country is bursting at the seams with slim, beautiful, young women who would love to partner up with a Western guy, including older guys. The trick is to find one from a good family, but that just involves a little legwork and common sense. They take their marriage vows very seriously, not much cheating goes on there compared with places like Europe or America. In other words, they're very faithful and rarely fuck around on you. The women are not like American women, so don't expect to screw your way across the country banging everything that moves. (Yes, there are women like that there, but they're not the norm.) Find a good one, get married, and you'll live very happily. Your friends will be jealous. And yes, I speak from experience. :)

Re:Welp,

[FirstOne]

It already has, the US voter registration database and attendance record has been sold to each politcal party since it was first digitised.

From that continously updated database, information is broken down my county and distributed to local politico officials (on a CD or DVD).

Re:Welp,

[MightyYar]

Yeah, but not fingerprints or SS#. This release of information was worse than addresses and affiliation.

No here's the reason

Here's the reason so many systems are insecure. They are in the process of killing of 95% of us. And they will use every single means at their disposal -- poison us, irradiate us, force GMOs down our throats, pour refugees (often criminals) into better off countries, and of course, attack all of us online in every way possible.

Every single bit of every single "security leak" is DELIBERATE -- if not with the incompetent companies that "leaks" info, then with the deliberate vulnerabilities introduced at countless possible places along the way, from routers through OSes, etc.

Brain cancers, once extremely rare, are now the number one cancer in the young. ::cough:: cell phones ::cough::

Wake up and smell the death in the air.

Re:No here's the reason

[Coren22]

Did you know that the tin foil hat you wear on your head actually increases your exposure to radiation? The radiation bounces around inside the hat hitting you multiple times! You should instead use my patented grounded metal foil masks that absorb and remove all radiation from all directions!

Dear Anonymous

Who elected you as vigilante? You don't speak for me. Matter of fact you probably speak for very few people. Why don't you slide back into your parents basement and invent new searches for goat porn? MYOFB.