How to protect yourself after COMELEC voters identity has been leaked in the internet

Philippines experienced the largest data breach in history of the country. After the COMELEC website was hacked by a group that call themselves LulzSec Pilipinas in March, the NBI and COMELEC partnered to catch the hackers.

LulzSec Pilipinas also wrote a status in their Facebook account in March, “A great lol to Commission on Elections, here’s your whoooooole database.”

Now, the question is how do we protect our identity from fraud after this leaked database of COMELEC happens.

I saw this post on my friends facebook post and I want to share it here. Please follow all the things they enumarated here. It’s a sad day to all Filipinos and hopefully the Government will learn from this and protect the database of people’s identity.

What To Do To Protect Yourself If Your Personal Info Is Compromised Due to the Recent COMELEC Database Hacking Incident.

A variety of personal data is included: full legal name including your mother’s maiden last name, full birthdate, permanent addresses, and even the image of your fingerprints. OFWs are even more adversely affected as it contains passport information and their address abroad. All of these information can be used against you in the form of identity theft.


If your personal information is compromised, here are the possible things that might possibly happen to you:

• Credit card fraud thru over the phone or online purchases with assistance from your credit card company by providing personal details

• Access to your bank accounts and information by providing your personal details – Receive phishing e-mails coming from individuals or institutions identifying itself as a bank asking information of password or PIN reset

• Take over your email and social media accounts (Facebook, Instagram, Twitter, etc) by requesting a request password

• Receive phishing e-mails coming from individuals or institutions identifying itself as a bank asking information of password or pin reset.

• Email reset request with links

• You will probably get notices from COMELEC or NBI or any other government or organizations such as banks asking you to check if your name is included in the stolen database.


These are the things you can do to protect yourself:

• Change all your passwords, with a unique password for each online account

• Use password management applications such as 1Password or Passkeeper

• Change your forgot password secret question and answer making sure to avoid using “Mother’s Maiden Name” as your secret question and answer

• Use two-factor authentication for all your online banking accounts. If possible, avoid using your cellphone number and use mobile applications and/or physical security devices for two-factor authentication

• Do not respond to calls from anyone asking you for your personal information, especially your full name, address, and mother’s maiden name. Only provide such information if you’ve called your bank yourself, and as much as possible limit these interactions.

• Do not follow links received via email, especially those asking you to input your password, or answer questions with personal information. Only provide such information if you’ve personally opened an online banking website yourself

• Be weary of notices from government, organizations like banks verifying about your personal information

• Do not open email attachments from email addresses that you don’t know and expect, especially when the files are in HTML, ZIP, JPG, DCOM, RAR, or JAR format.

This list is by no means complete, so always remember to be vigilant, and in the event of suspicious activity immediately contact the help desk of any online service or bank you are using.

Written by Jon Limjap, Milo Pacamara and compiled by Humprey Cogay and Toto Gamboa

Today a website was put up with a searchable leaked database that anyone can search your identity. The website has named “Philippines, we have your data :b”.

photo credit: