No time for another data breach


LAST JAN. 8, Department of Foreign Affairs (DFA) Secretary Teodoro Locsin Jr., via Twitter, said that Filipinos should bring their birth certificate when renewing their passport because the agency is “rebuilding [its] files from scratch because [the] previous outsourced passport maker took all the data when contract (was) terminated.”

Days later, he retracted his previous statement, saying the data were not taken away but were rather just made inaccessible by the previous French passport-printing contractor, Francois-Charles Oberthur Fiduciaire.

The DFA, not having back-up files for important data, proves how incompetent it is, to think that last August President Rodrigo Duterte even signed the Philippine Identification System (PhilSys) or the National ID System, which integrates all government-issued identifications of every Filipino citizen. How can we now trust a government that allows data breaches?

With this passport chaos, Filipinos have to carry the burden of the DFA’s recklessness, which puts citizens at risk of fraud. Even worse, a breach may cause a concern to a people who have to elect their officials soon. To note, in 2016, months before the presidential election, two different hacker groups—Anonymous PH and Lulzsec Pilipinas—taunted the Commission on Elections. The hackers successfully defaced the agency’s website and exposed elections-related data, which included not only the publicly known information of millions of Filipinos but also their voter registration information.

A cyberattack that happens months before elections could be a “trial run” for a more massive attack that might happen come election day. In the case of Ukraine’s presidential election in 2014, they reportedly experienced dangerous “cyberattacks on electoral servers and personal computers of election staff” which were meant to disrupt and sabotage the election results.

The Ukrainian Security Service said offenders try to discredit general, presidential election results through previously installed software that will fake results in the given region.

In a report published by The Guardian, Trend Micro, a multinational cyber security and defense software company, warned the Philippines of the possible threats and risks we might experience as a consequence of data breach.

“Cybercriminals can choose from a wide range of activities to use the information gathered from the data breach to perform acts of extortion. In previous cases of data breach, stolen data has been used to access bank accounts, gather further information about specific persons, used as leverage for spear phishing emails or BEC schemes, blackmail or extortion, and much more,” Trend Micro said.

These government agencies just slapped into the faces of Filipinos its irresponsibility and lack of accountability. Admitting their faults does not justify their carelessness that can result in issues of national security. Security measures should always be in place.

Seats in the government will be filled this upcoming midterm elections and it is but vital that the security of our data is ensured.

Our information must not be used to manipulate the elections. Engineered elections kill democracy.

The passport chaos should serve as a reminder for us, especially those in position, that it is highly necessary to intensify and solidify our standards when it comes to data protection and security.


This site uses Akismet to reduce spam. Learn how your comment data is processed.