Security expert also shows other sensitive information was leaked
If you thought that the breach of the Commission on Election’s data couldn’t get any worse, you’re wrong – security expert Troy Hunt, the guy who maintains Have I Been Pwned says that approximately 228,605 email addresses associated with the votes included in the database of the Comelec may have been compromised and are now out in the wild.
Earlier last week security firm Trend Micro said that sensitive personal information was revealed in the database hack, which is now being called the biggest government-related data breach in history. Conveniently enough, Comelec has downplayed the hack, saying that no sensitive information was disclosed.
Mr. Hunt doesn’t agree, and has the data to prove it. Included in the breach is the name, vital statistics, biometrics, names of their father and mother (including the maiden name) as well as their physical address, gender, marital status, where they were born, where they currently reside, their profession and phone number. That’s enough information for any determined fraudster to gain access to the person’s email account and bank account, not to mention pry more information from the mark using social engineering.