‘Comelec server hack not true,’ Guanzon says amid NPC’s probe

January 12, 2022 - 5:35 PM
This undated photo shows the Commission on Elections office at the Palacio del Gobernador in Intramuros, Manila. (pdgcc.gov.ph)

The National Privacy Commission had set a meeting between the Commission on Elections and Manila Bulletin for a separate investigation into the alleged hacking incident involving poll servers.

NPC issued this statement on Wednesday, January 12.

The privacy commission also sent an order to Art Samaniego Jr., technology editor and IT head of Manila Bulletin.

They were ordered to appear for a “clarificatory” virtual meeting on Jan. 25, 2022.

“The NPC’s Complaints and Investigation Division commenced its own independent investigation and issued a notice to COMELEC requiring them to explain the alleged hacking and data breach,” NPC Commissioner John Henry Naga said in a statement.

On the same day, Comelec Commissioner Rowena Guanzon dismissed Manila Bulletin’s report about the matter as fake news.

“FAKE NEWS: @COMELEC server was hacked, not true. Manila Bulletin editor must verify,” she said on Twitter.

Last Monday, Manila Bulletin reported that an unnamed group of hackers managed to breach Comelec’s system and download more than 60 gigabytes of data from it.

The report stated that this data “could possibly affect the May 2022 elections.”

It cited “usernames and PINS of vote-counting machines (VCM)” as among the files or data the alleged hackers downloaded.

Comelec spokesperson James Jimenez was immediately informed about the situation, according to MB’s Technews team.

Samaniego previously shared on social media that they have waited three days for the poll body to respond before publishing the article.

“Two headlines for today. We waited for three days, we did not get any reaction. Less than three hours after we published, Comelec gave a statement. And, I first got the statement from FB friends,” he said.

In its response, NPC directed Comelec to address the hacking allegations in connection to the 2022 national elections in the coming virtual meeting.

“The COMELEC must address the serious allegations made in the Manila Bulletin news report and determine whether personal data were indeed compromised, particularly personal information, sensitive personal information, or data affecting the same, which were processed in connection with the upcoming 2022 national and local elections,” the commission said.

“COMELEC is also directed to conduct a comprehensive investigation on the matter and submit to the NPC the results thereof no later than January 21, 2022,” it added.

NPC then stressed that it will not tolerate any activities that violate the Data Privacy Act.

“Rest assured that the NPC does not tolerate any act in violation of the Data Privacy Act including negligence in implementing organizational, physical, and technical security measures on personal data processing systems, whether in government or private institutions,” it said.