In late March, the Philippine Commission on Elections website was defaced in an Anonymous op, and a few days later, Lulzsec Pilipinas dumped its voter database. At the time, the Commission claimed that no sensitive information was exposed in the breach, but that is clearly not the case.
The breach contains the records of 1.3m overseas Philippines voters, including their passport details; it also includes 15.8m fingerprints.
The Anonymous defacement op criticized the commission for its lax security and called on it to improve its operations prior to the May 9 elections.
“Our research showed that massive records of PII, including fingerprints data were leaked. Included in the data COMELEC deemed public was a list of COMELEC officials that have admin accounts,” the firm said in a blog post.
“Based on our investigation, the data dumps include 1.3 million records of overseas Filipino voters, which included passport numbers and expiry dates. What is alarming is that this crucial data is just in plain text and accessible to everyone. Interestingly, we also found a whopping 15.8 million records of fingerprints and a list of people running for office since the 2010 elections.”
Data Protection Mishap Leaves 55M Philippine Voters at Risk
Every Voter in Philippines Exposed in Mega Hack
Of course they announced it at the end of the day on Friday, that’s what you do with bad news.
Iowa state court officials contracted with Coalfire to conduct "penetration tests" on its security; as part of those tests, two Coalfire employees broke-and-entered the Adel, Iowa courthouse, and were caught by law-enforcement, whose bosses in Dallas County were not notified of the test.
Eleanor Saitta's (previously) 2016 essay "Coercion-Resistant Design" (which is new to me) is an excellent introduction to the technical countermeasures that systems designers can employ to defeat non-technical, legal attacks: for example, the threat of prison if you don't back-door your product.
Life isn’t getting any less hectic, and pressure cookers are a quick, healthy solution for a growing number of kitchens. But if you thought your Instant Pot was versatile, there’s a major upgrade on the market: The Yedi 9-in-1 Total Package Instant Programmable Pressure Cooker. If you’ve somehow never used a pressure cooker before, try […]
When it comes to data analytics or deep learning, there’s one language behind the apps and algorithms that power the biggest companies of today: Python. The best part about this tool is that as versatile as it is, it’s actually fairly easy to learn. But mastery? For that, you need more than just a beginners’ […]
Your smartphone’s GPS is a modern necessity for some trips, but how do you use it safely? It’s been a problem ever since phones went mobile. A certain phone mount even shelled out the money for a commercial during the Big Game, so clearly there’s a market for the solution. Turns out there are a […]