So how about that! The allegedly unusable (and white washed to be - NOT IMPORTANT) data from COMELEC is alive and even searchable.
Yeah, this really gave me the chills. Lulzsec Pilipinas from there Facebook post actually pointed out that the data was already in there possession.
Anonymous Philippines daw naghack ng COMELEC actually defacement ang tawag dun LOL. By the way 3 years na namin hawak yang COMELEC (search kayo sa Google LulzSec Pilipinas) nagkataong sinabay lang namin leaks ng db, bilis kasi ng server ng COMELEC 6 core tas dating apache/httpd ginawang nginx webserver, tama ako no? Wala eh System Engineer ako yung IT Department niyo mga SysAds lang lol.
And with that, came We have your data :b which I was able to search the details of, guess who?! BENIGNO SIMEON AQUINO III(refer to image above).
So what is this all about? (As a statement from wehaveyourdata.com)
As you know (or don't know), recently LulzSec Pilipinas have hacked comelec.ph. They have dumped the database of about 70 million of Philippines voters and have published all the data at archive.org. The database contains a lot of sensitive information, including fingerprint data and passport information. So, we thought that it would be fun to make a search engine over that data.
Yup, our data - PERSONAL DATA - was easily taken because of poor security. How's that for protecting your domain COMELEC!? I'd really like every inch of our government websites to be secured: TLS/SSL, hashed password, high level DDoS preventive measures and all that. But I can only dream, actually my own municipality website has a bit of a 90's vibe to it - yeah Im not into the #ThrowbackThursday actually. But that was an example of a unsecured website (NOT HTTPS!).
Hopefully, everyone will be enlightened on why security is important to us citizens on and offline.
UPDATE: 7:20 PM Thursday, 21 April 2016 - It seems the website is not accessible anymore: http://www.isitdownrightnow.com/wehaveyourdata.com.html
UPDATE: 10:42 PM Thursday, 21 April 2016 - The site is back-up again with a statement from the site owners:
ATTENTION: there is no any passport information, no documents, etc. There is just personal data from the previously leaked by LulzSecPinas Comelec database. We have no responsibility and don't give any warranty of leaked data's accuracy - we have just extracted it from the dump. Prooflink: http://cnnphilippines.com/news/2016/04/21/Comelec-hack-data-registered-Filipino-voters.html