Every Voter In The Philippines Exposed In Massive Data Breach (infosecurity-magazine.com) 28
schwit1 writes: "The database of the Philippine Commission on Elections has been breached and the personal information of 55 million voters potentially exposed in what could rank as the worst ever government data breach anywhere," according to Infosecurity Magazine.
The magazine attributes an initial web site breach to Anonymous, who were reportedly trying to persuade the commission to enable more security features on their automated vote-counting system before upcoming national elections on May 9. A second group named LulzSec Pilipinas then later posted the entire voter database online.
Trend Micro wrote that "Every registered voter in the Philippines is now susceptible to fraud and other risks after a massive data breach leaked the entire database of the Philippines' Commission on Elections." They report that the breached data even included 15.8 million fingerprint records, as well as 1.3 million records for overseas Filipino voters, including their passports' numbers and expiration dates, all stored in plain text.
The magazine attributes an initial web site breach to Anonymous, who were reportedly trying to persuade the commission to enable more security features on their automated vote-counting system before upcoming national elections on May 9. A second group named LulzSec Pilipinas then later posted the entire voter database online.
Trend Micro wrote that "Every registered voter in the Philippines is now susceptible to fraud and other risks after a massive data breach leaked the entire database of the Philippines' Commission on Elections." They report that the breached data even included 15.8 million fingerprint records, as well as 1.3 million records for overseas Filipino voters, including their passports' numbers and expiration dates, all stored in plain text.
Re:Welp (Score:4, Insightful)
It might be good. If something like this happened in the US, it might finally wean our financial institutions off of using the stupid SS# as a universal id / security token. The whole system is setup to fail over something like this.
Re:Welp, (Score:2)
It already has, the US voter registration database and attendance record has been sold to each politcal party since it was first digitised.
From that continously updated database, information is broken down my county and distributed to local politico officials (on a CD or DVD).
Re: (Score:2)
Yeah, but not fingerprints or SS#. This release of information was worse than addresses and affiliation.
Question is not whether, but when you are affected (Score:3)
Re: (Score:1)
tl;dr "If you use OpenBSD, the `when' is slightly later."
The solution to big data breaches is to abandon the concept of big data. I'd be happy with returning to paper records for many things, as the benefits of computerisation are often far over-rated, but many might not be.
Re: (Score:3)
There's a piece of wishful thinking.
Yes, it makes sense to choose platform with better security, but that doesn't make security easy, any more than <car_analogy>buying a Volvo makes you a safer driver:</car_analogy>
Here's the reason so many systems are insecure: confirmation bias. It works like this.
Q: How much will it cost to do the system?
A: X + Y dollars if we want do a good job with security.
Q: Well, in that case we're not doing it, because we only have X dollars. If we spent X dollars wou
Re: (Score:2)
Did you know that the tin foil hat you wear on your head actually increases your exposure to radiation? The radiation bounces around inside the hat hitting you multiple times! You should instead use my patented grounded metal foil masks that absorb and remove all radiation from all directions!
Correction (Score:4, Informative)
Errrrrr (Score:1)
Someone needs to be penalized for this, but I'd bet a million dollars no one will be held accountable in any significant way.
Re: (Score:3)
Re: (Score:2)