Comelec servers hacked; Downloaded data may include information that could affect 2022 elections

Sensitive voter information may have been compromised after a group of hackers was allegedly able to breach the servers of the Commission on Elections (Comelec), downloading more than 60 gigabytes of data that could possibly affect the May 2022 elections.

Comelec logo (Photo from Wikipedia)

This was discovered by the Manila Bulletin (MB) Technews team, which found that the hackers’ group managed to breach the system of the Comelec last Saturday, Jan. 8, 2022, and download files that included, among others, usernames and PINS of vote-counting machines (VCM).

The MB Technews team immediately informed Comelec Spokesperson James Jimenez of its findings. Jimenez said he would bring the information to the attention of the Comelec Steering Committee.

In a call to MBTechnews Monday, Jan. 10, 2022, Jimenez said he has yet to get a reply from the Comelec Steering Committee.

The other downloaded files were network diagrams, IP addresses, list of all privileged users, domain admin credentials, list of all passwords and domain policies, access to the ballot handling dashboard, and QR code captures of the bureau of canvassers with login and password.

(Sergey Zolkin/ Unsplash)

“Sensitive data downloaded also included list of overseas absentee voters, location of all voting precincts with details of board of canvassers, all configuration list of the database, and list of all user accounts of Comelec personnel,” said MBTechnews.

A source contacted MBTechnews last Saturday, Jan. 8, 2022, to provide information that there was an ongoing hack of Comelec servers.

MBTechnews promptly verified this information, and found that there was, indeed, an ongoing hacking of the servers. Further investigation showed the extent of the hacking to include the Comelec information that were stolen by the hackers.