fbpx

What to do if your personal information is included in the leaked COMELEC data

If you managed to check the website where the leaked data (search here) from COMELEC and found that your personal information is included, then you could face risk in being targeted to further exposure like identify theft and unauthorized access to personal or financial accounts.

Based on the data that we saw, it is probable to gain access to your online accounts (Facebook, Twitter, etc.), banking accounts, credit card and other related online services.

So what do you do? Here are some tips for you to take in order to mitigate or minimize further exposure:

1) List down all your important online accounts starting with your FB all the way to your Paypal or banking accounts, credit card, postpaid account (Globe and Smart portal) and other services that you regularly use. Make a checklist and go thru them one by one so it’s easier and you will not miss anything later on.

2) Log in to those sites and immediately change your passwords, just to be sure. Most people would have a Facebook account so double check the security settings of your account and hide personal information like mobile number and similar ones. A lot of people also use their emails (GMail, Yahoo) as primary access to other online accounts. Make sure the passwords are harder (alphanumeric, more than 8 characters and use special character) and enable SMS notification.

3) Look for the Security settings and modify your Challenge Questions. Normally you would have your birth date, mother’s maiden name and address as the usual challenge questions, all of which are available in the leaked data from the COMELEC.

Some banks like BDO use personal information when you request for a password reset. In our case, it’s the city I was born I and my mother’s maiden name.

4) Use two-factor authentication. This sends a PIN code to your mobile phone whenever there is a valid access to your account. A lot of sites already has this feature so check it and activate it.

5) Call your credit card company and phone banking company and change some of your old information that was leaked from the COMELEC database. While you can’t change your birth date and mother’s maiden name, perhaps a change of address (to a parent’s address or office address) could minimize the risk.

On top of these, be always on the look out for signs of activity especially in your financial accounts.

In our case, we started with our bank accounts, then postpaid accounts with Globe and Smart (online portal) and then credit card accounts.

Aside from your online accounts there could also be other identity-theft related activities that can expose you. We’ve already heard of unscrupulous individuals scamming telecoms companies by opening postpaid accounts with free devices, people requesting a supplementary credit card account under your name without your approval, and incidents of people getting SSS loans under a stolen identity.

The COMELEC has downplayed the risk of exposure of millions of voters as a result of the leaked data. The repercussions might be far more than what they’d like to admit but the risks are very real.

The least they could do is to swiftly act on a massive information dissemination to all those affected and coordinate with government agencies and financial institutions that could be affected by these leaked data. Those personal data are already out there and there’s nothing we could do but be aware and make the necessary actions to minimize the potential risks and avoid further exposure.

Here are “Top legit 5 places your leaked information can be sold to“.

Related stories:

Suspected COMELEC website hacker arrested by the NBI

There is now a search engine for the leaked COMELEC database

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 985 other subscribers
Avatar for Abe Olandres

Abe is the founder and Editor-in-Chief of YugaTech with over 20 years of experience in the technology industry. He is one of the pioneers of blogging in the country and considered by many as the Father of Tech Blogging in the Philippines. He is also a technology consultant, a tech columnist with several national publications, resource speaker and mentor/advisor to several start-up companies.

10 Responses

  1. Avatar for Eepotpapa Eepotpapa says:

    Only point #3 is a concern, But if you make your birthday a security question then you are vulnerable even before the leak. The other points such as changing your password is wasteful. If an attacker attempts the “forgot password” process and successfully changed your password, then a notification will be sent to you that your password has changed and then you won’t be able to access your account. If you can still access your account, then that means they were not able to reset your password. There is no way for them to know your passwords just by looking at the leak data.

    The most alarming issue here is identity theft. Someone might call somewhere and pretend to be you by providing the leaked details as proof. This however is very hard to prevent.

  2. Avatar for BIKTIMA KAMI LAHAT NG COMELEAKS BIKTIMA KAMI LAHAT NG COMELEAKS says:

    COMELEC HAS TOTALLY LOST
    ALL THE REMAINING CREDIBILITY
    THAT IT BEARS… IF THERE’S
    STILL ANY LEFT.

    THE ONLY HONORABLE
    WAY OUT NOW IS FOR ALL THE
    COMELEC LEADERSHIP TO RESIGN
    & SAVE FACE NOT ONLY FOR
    THEMSELVES BUT FOR COUNTRY
    AS A WHOLE…

    ANYTHING LESS IS UTTER
    STUPIDITY & “KAKAPALAN NG
    MUKHA” !!!

    THE FILIPINO IS HONORABLE…
    HE IS NEVER STUPID
    & NOT “MAKAPAL” !!!

    GETS MO COMELEC ???
    NOW SHOW US YOUR TRUE FACE…

  3. Avatar for fio fio says:

    Even if you are not a high profile individual, still your information can be sold off to scammers / email marketers… :( that’s the least that could happen. now imagine all the celebrities and high profile peeps…

  4. Avatar for clark clark says:

    It is not with the entry, it’s your information that is searchable. In case you are using some of your info for passwords, change it now, otherwise your clues are already there :)

  5. Avatar for the other the other says:

    The latest result from the governments spectacular display of incompetence. Some people in Comelec must be FIRED IMMEDIATELY for this. And compensation given to those affected.

  6. Avatar for Easy E Easy E says:

    High profile people are at a higher risk here. For most of us, just take precautionary measures.

  7. Avatar for TangaLang TangaLang says:

    Hmmm..with millions of names posted, we have a very low chances the we will be targeted for identity theft but sure the risk is there.

    We don’t know what’s the purpose of posting those online. This is just my thought, if i am the hacker and plan to steal identity, i will not waste my time with those millions of names. Instead, i will post it online and see who of those idiots look for their names and those will be my prone target. Simple.

    As for those people who used the search engine, why did you search your names? Dont you know your personal info? Geez…..

    • Avatar for TAKTAK TAKTAK says:

      The purpose? It was mentioned on the website.

      The hacker’s purpose is to show how incompetent our government is. They are even downplaying the issue, saying that there are no risk blah blah. Every leaked personal info is a risk when used against you. There’s a lot of possibility. They posted the info online to show the urgency of this kind of data breach from a government agency.

  8. Avatar for Marvin Choi Marvin Choi says:

    what ? how the hell are they gonna get my FB / Twitter / Paypal password by just looking at my personal details ?

    • Avatar for JessPH JessPH says:

      By going to the “I forgot my password” section of a website. Users are then asked security questions like “what is your mother’s maiden name”.

Leave a Reply
JOIN OUR TELEGRAM DISCUSSION

Your email address will not be published. Required fields are marked *