Law enforcement authorities in the Philippines have arrested
a second suspect in relation to the hack and defacement of the
country's electoral commission, that resulted in the loss of up to 55
million voter records. In a press conference held on 29 April, Andres
Bautista, the chairperson of the Commission on Elections (Comelec),
identified a 23-year-old man called Jonnel De Asis as one the
ringleaders of 'Anonymous Philippines', which reportedly orchestrated
part of the attack on 27 March.
Last month, the Comelec website was defaced
by hackers who are aligned with Anonymous. Then, a second group called
LulzSec Pilipinas posted the entire electoral database online, roughly
three days later.
The data dump contained National ID numbers, names,
addresses and biometric data, including fingerprint records, according
to analysis conducted by security firm Trend Micro.
Now, according to ABS-CBN News,
Ronald Aguto, head of the National Bureau of Investigation (NBI)
computer crimes division, said the arrested suspect admitted to hacking
the website in order to "prove its vulnerability" and also claimed that
the suspect was to blame for uploading the trove of data into a
searchable format on a short-lived public website.
"Initial investigation disclosed that he was the one who
downloaded the file from the Comelec website and the one who leaked it
to the public," De Aguto claimed, before adding that a third suspect
remains on the loose. The cyber police department said it also plans to
trail those who downloaded the leaked database.
"Enjoy the lulz"
Speaking exclusively to IBTimes UK, a member purporting to be from the LulzSec Pilipinas group echoed the claim the hack was carried out to "expose how vulnerable the Comelec website is" however denied the two groups were working tightly together."We already had access to the website months ago before Anonymous Philippines defaced it. We saw the opportunity to join the fun," our source said. "Regarding the arrest, [they can] find us if they can. We will just watch and enjoy the lulz"
As previously reported,
authorities arrested a man called Paul Biteng on 20 April on a number
of cybercrime-related charges. Biteng was apprehended at his home in
Sampaloc, Manila and also reportedly admitted his role in the hack.
Following the arrest, Comelec spokesperson James Jimenez said his
organisation is doing everything it can to resolve the issue "at the
soonest possible time." He added: "I apologise for this continuing
attack on your privacy."
Post a Comment