NBI network link to ‘COMELEAK’ Data Breach

March 2016 was the time when the ‘worst recorded breach on a government-held personal database in the world’ happened in the Philippines which was coined the ‘Comeleak.’ However, the graveness of the issue expounded when it was discovered that one of the Internet Protocol addresses that were used by hackers was traced to the National Bureau of Investigation.

According to the National Privacy Commission, “One large exfiltration occurred on the evening of 23 March 2016, by a computer with a registered IP address of 202.90.136.202, later learned that this IP address was assigned to the (NBI) National Bureau of Investigation from 13 October 2015, or six months prior to the exfiltration.”

NBI spokesperson and Deputy Director for Forensic and Scientific Research Services Ferdinand Lavin refused to comment on the issue until they have officially consulted with the Computer Crime Division.

Pierre Tito Galla, co-founder of the advocacy group Democracy.Net.PH, expressed concern over the use of the country’s criminal investigation agency’s network for the cyber-crime. He called out the Department of Justice to further investigate the Comeleak and determine if there really was an involvement of NBI personnel.

NPC also stated that the Comelec was liable for violating Data Privacy Act of 2012, thus Comelec Chairman Andres Bautista should be criminally prosecuted. Bautista allegedly did not take data protection seriously compromising the private information of millions of Filipinos.

University Professor Danilo Arao said, “The dereliction of duty is even more magnified by the fact that the Comelec website itself was defaced on March 27, thus putting into question the integrity and security of the commission’s information technology apparatus.”

On March 27, 2016, a group claimed to be ‘Anonymous Philippines hacked and defaced the Comelec Website. The next day, a website containing 340 GB of personal information from the entire database of COMELEC was leaked.