
The Commission on Elections' (Comelec) data base “remains secure despite the breach at its technology provider Smartmatic,” the National Bureau of Investigation (NBI) said on Friday, April 22.
NBI Cybercrime Division (CCD) Chief Victor V. Lorenzo made the assurance as he noted that his office has begun the operations to hunt down members of the XSOX group which is behind the Smartmatic breach.
“Wala naman silang na-exfiltrate na files that have connections with the forthcoming elections (they have not exfiltrated files that has connections with the forthcoming elections),” Lorenzo said.
“Pangalawa, wala naman siya na-access na sensitive information or sensitive files from the controlled environment of Smartmatic. Wala e. Mga basura lang e tapos publicly available, internal and at the same time walang connection sa elections (Second, they did not access sensitive information or sensitive files from the controlled environment of Smartmatic. Nothing. Only garbage that are publicly available, internal and at the same time has no connections with the elections),” he said.
Lorenzo recounted that XSOX claimed that “compromised ang data base ng Comelec (XSOX has claimed that the data base of COMELEC is compromised).”
“They even threatened in public that they are going to expose everything,” he added.
But, he stressed, the group has not accomplished its threats.”
“Panay kuwento lang. They are creating an atmosphere of fear pero may na-prove na ba sila? May na-compromise ba? Wala. (They are all talk. But have they proven anything? Has something been compromised? Nothing.),” he pointed out.
Meanwhile, Lorenzo said the NBI-CCD filed before the Taguig City Prosecutor’s Office last April 12 a criminal complaint against former Smartmatic employee Ricardo Argana for 720 counts of unlawful access in violation of Republic Act No. 10175, also known as the Cybercrime Prevention Act of 2012.
Argana, who remains at large, is believed to have worked with XSOX that resulted in the breach in Smartmatic.
“He went into hiding and always remember that flight is indicative of guilt,” he noted.
The complaint was filed after the NBI-CCD implemented a search warrant issued by the Makati City regional trial court (RTC) and raided last April 10 Argana’s home in San Pedro, Laguna where agents seized his gadgets including his mobile phone, Wi-Fi router and SD cards.
Lorenzo said that Argana, who was a contractual employee with Smartmatic from August to January 2022, managed to bring out last December 28 the laptop provided by Smartmatic and return it last January 3.
He said there had been 726 logins recorded in Smartmatic’s systems in just six days which he pointed out Argana could not have done it alone.
He also said the NBI-CCD is also hot on the trails of members of XSOX which is the group also called “Iloilo Blackhat.”
“They claimed responsibility for all the hacking that took place in 2018 in Iloilo City and at that precise moment our persons of interest created a company offering security services to the city government, schools, hospitals and other institutions),” he said.
Also, he said, the group is also suspected of involvement in the so-called 2016 “Comeleak” and the 2020 hacking of the Office of the Solicitor General (OSG).
“Merong behavioral pattern (There is a behavioral pattern),” Lorenzo observed as he added that noticeable was the similarities in the logos being used by the hackers.