8 Reasons the Voter Database
Breach Should Alarm Us More
By Tim Henares

It may not be reported as much as it should, but given that 54 million of us registered as voters in the 2016 elections, we really should be worried about the fact that 0% of registered voters are safe if someone figures out what to do with all this information about us.

If none of this sets off your alarms, here are 8 reasons it should—and you know that for the most part, we’re the first ones to tell everyone to calm down. This data leak cannot give us that luxury.

8. It is being downplayed way too much.

The Comelec has done a great job on voter’s education and making sure that we’re ready for May 9. What it has not done, though, is beef up its security enough to prevent something like this from happening, where anyone can now download the partially unencrypted database of 55 million voters with little to no consequences for them.

You would think the Comelec would have advised its voters to do something by now, but no. Instead, it is made to seem like all that data is unimportant, when all anyone has to do to get access to you from a call center is to supply your birthday and your mother’s maiden name, which are two details you obviously gave to the Comelec database.

7. Identity theft is not a remote possibility.

No, it’s not. Remember: a lot of us Filipinos are very private individuals who have consciously never put a lot of these details online precisely because of security concerns. While yes, some of us put most of this stuff on Facebook, it has never been placed in a more wholesale collection than it has been in this database, and that means anyone with access to the database who can link the unencrypted data with the encrypted data (the voter names) would just have to put two and two together to steal multiple identities with hardly any problems.

If this doesn’t alarm you, just imagine what happened to this public school teacher. All it takes is someone willing to go through the trouble of connecting the unencrypted data with the encrypted data, and they’re in business.

6. It also has our bio-data

Fingerprints? Did we need to give identity thieves even more ammo? Thankfully, you need a machine that recognizes these fingerprints as part of an already existing database, but that means all it takes is having one asshole in the Comelec for all of this to fall apart, doesn’t it?

5. It means the elections can be hacked.

Please don’t test the powers that be on this by saying this is impossible, Comelec. If your database can be hacked, your elections can be hacked. And it doesn’t have to be any of our candidates responsible, at that. Anyone who can do it for the lulz can cause a lot of damage.

Yes, the Comelec has claimed it has beefed up security for election day. This should obviously not be considered as a guarantee that the votes will be unhackable.

4. The one arrest made so far doesn’t undo the leak.

A suspect was very recently caught. For all we know, this one person could have engineered the entire leak. Guess what? Arresting him now does not undo the data leak, because it’s been on the mainstream web and the dark web for weeks already. You cannot just make all that data disappear.

3. This is indicative of how unready we are for a connected world.

Yes, the FBI and the Pentagon have been hacked multiple times as well. For better or for worse, they keep a lot of their information in ridiculously low-tech ways. Here, on the other hand, we are putting ourselves at the mercy of hackers who are claiming to be benevolent, yet that “benevolence” has just put all of our information at risk, and has made identity theft a looming spectre upon us for at least the next three years.

If this is still not alarming you, just think of it this way: if someone steals your identity online, any horrific thing they do is on your tab. From credit card purchases to arrest records to everything else, suddenly, you’re living a wild life you’ve never even heard about.

2. We are sitting ducks.

If we haven’t stressed it enough yet, we will stress it yet again: we are sitting ducks. The only reason we haven’t magically lost our money yet is that hackers might have better things to do than to completely destroy the online reputation of 55 million Filipinos whose personal information is ripe for the picking. Now, if a hacker never, ever feels the need to have a few bucks come their way via a not-so-impossible decryption, then sure, we’re safe.

Well, what are the odds of that?

1. Everyone else knows it’s a big deal.

Wired reported this leak with little to no fanfare. Considering how much impact Duterte is inadvertently making on our economy just by picking fights with Australia and America, this data leak puts into question our readiness on the international stage, especially when it’s the integrity of the 2016 elections being put into question.

So what can we do? We need to be vigilant. We need to report any site that hosts the database so that it can be dealt with immediately. The only way to eventually kill this issue is by taking IRL action against it.

Here’s what we can all do to take action:

What are your thoughts on the data leak? Sound off in the Comments Section!