NATIONAL BUREAU OF Investigation (NBI) agents arrested a second suspect in the hacking of the Commission on Elections website and the theft of the database of 57 million registered voters, said the NBI.
NBI Director Virgilio Mendez said operatives from the Bureau’s Cybercrime Division pounced on Jonel de Asis, 23, from his home in Muntinlupa City.
Mendez said De Asis, an Information and Technology graduate employed as a systems integration engineer, confessed to being the mastermind in the hacking of the poll body’s website.
However, De Asis strongly denied he and his group created the wehaveyourdata.com website which made publicly available the database of personal information belonging to 57 million registered voters, including their home addresses, birthdays, relatives, fingerprints and even passport numbers.
De Asis also admitted he and his fellow hackers decided to hack the website to prove that the Comelec website can be easily breached.
Even before the NBI came to his house, De Asis said he knew that the authorities were after him.
“I knew that I would already be arrested because this (hacking) is a big problem and the NBI was looking for suspects. I did not voluntarily surrender but I did not leave the country. I thought that I should not hide because this was my fault,” said De Asis. He called on the public to use their talent for good so they would not end up like him.
The NBI agents armed with a search warrant issued by a Malabon court, seized De Asis’ personal computer and mobile phone.
The first suspect, Paul Biteng, was arrested a week ago and admitted to the crime. He faces charges of illegal access to a computer system, data interference and misuse of devices under the Cybercrime Prevention Act of 2012.
The NBI said it was still hunting down a third suspect.
Comelec Spokesperson James Jimenez said the 340-gigabyte database that was stolen appeared to be old files and unlikely to affect the May 9 elections. He said De Asis confessed that the database that he had stolen were old files.
“We cannot still say if the database he stole is authentic, because even the hacker admitted that they targeted old data. They said they believed that if it is old data, it is no longer relevant,” Jimenez said.
He did not address the loss of privacy suffered by millions of voters, or the potential for identity theft and other crimes as a result of the data breach, however.
In March, Anonymous Philippines hacked the official Comelec website, defacing it with a message address to the poll body, demanding that they make sure the security features on the vote counting machines were activated on Election Day.
Another group called “LulzSec” accessed the data on the poll body’s website and posted it online.
“A great lol to Commission on Elections, here’s your whoooooole database,” LulzSec Pilipinas said in a Facebook post.
It was the first major leak of election-related data by a hacker group in the Philippines. (MCA)