If you managed to check the website where the leaked data (search here) from COMELEC and found that your personal information is included, then you could face risk in being targeted to further exposure like identify theft and unauthorized access to personal or financial accounts.
Based on the data that we saw, it is probable to gain access to your online accounts (Facebook, Twitter, etc.), banking accounts, credit card and other related online services.
So what do you do? Here are some tips for you to take in order to mitigate or minimize further exposure:
1) List down all your important online accounts starting with your FB all the way to your Paypal or banking accounts, credit card, postpaid account (Globe and Smart portal) and other services that you regularly use. Make a checklist and go thru them one by one so it’s easier and you will not miss anything later on.
2) Log in to those sites and immediately change your passwords, just to be sure. Most people would have a Facebook account so double check the security settings of your account and hide personal information like mobile number and similar ones. A lot of people also use their emails (GMail, Yahoo) as primary access to other online accounts. Make sure the passwords are harder (alphanumeric, more than 8 characters and use special character) and enable SMS notification.
3) Look for the Security settings and modify your Challenge Questions. Normally you would have your birth date, mother’s maiden name and address as the usual challenge questions, all of which are available in the leaked data from the COMELEC.
Some banks like BDO use personal information when you request for a password reset. In our case, it’s the city I was born I and my mother’s maiden name.
4) Use two-factor authentication. This sends a PIN code to your mobile phone whenever there is a valid access to your account. A lot of sites already has this feature so check it and activate it.
5) Call your credit card company and phone banking company and change some of your old information that was leaked from the COMELEC database. While you can’t change your birth date and mother’s maiden name, perhaps a change of address (to a parent’s address or office address) could minimize the risk.
On top of these, be always on the look out for signs of activity especially in your financial accounts.
In our case, we started with our bank accounts, then postpaid accounts with Globe and Smart (online portal) and then credit card accounts.
Aside from your online accounts there could also be other identity-theft related activities that can expose you. We’ve already heard of unscrupulous individuals scamming telecoms companies by opening postpaid accounts with free devices, people requesting a supplementary credit card account under your name without your approval, and incidents of people getting SSS loans under a stolen identity.
The COMELEC has downplayed the risk of exposure of millions of voters as a result of the leaked data. The repercussions might be far more than what they’d like to admit but the risks are very real.
The least they could do is to swiftly act on a massive information dissemination to all those affected and coordinate with government agencies and financial institutions that could be affected by these leaked data. Those personal data are already out there and there’s nothing we could do but be aware and make the necessary actions to minimize the potential risks and avoid further exposure.
Here are “Top legit 5 places your leaked information can be sold to“.
Related stories:
Suspected COMELEC website hacker arrested by the NBI
There is now a search engine for the leaked COMELEC database
YugaTech.com is the largest and longest-running technology site in the Philippines. Originally established in October 2002, the site was transformed into a full-fledged technology platform in 2005.
How to transfer, withdraw money from PayPal to GCash
Prices of Starlink satellite in the Philippines
Install Google GBox to Huawei smartphones
Pag-IBIG MP2 online application
How to check PhilHealth contributions online
How to find your SIM card serial number
Globe, PLDT, Converge, Sky: Unli fiber internet plans compared
10 biggest games in the Google Play Store
LTO periodic medical exam for 10-year licenses
Netflix codes to unlock hidden TV shows, movies
Apple, Asus, Cherry Mobile, Huawei, LG, Nokia, Oppo, Samsung, Sony, Vivo, Xiaomi, Lenovo, Infinix Mobile, Pocophone, Honor, iPhone, OnePlus, Tecno, Realme, HTC, Gionee, Kata, IQ00, Redmi, Razer, CloudFone, Motorola, Panasonic, TCL, Wiko
Best Android smartphones between PHP 20,000 - 25,000
Smartphones under PHP 10,000 in the Philippines
Smartphones under PHP 12K Philippines
Best smartphones for kids under PHP 7,000
Smartphones under PHP 15,000 in the Philippines
Best Android smartphones between PHP 15,000 - 20,000
Smartphones under PHP 20,000 in the Philippines
Most affordable 5G phones in the Philippines under PHP 20K
5G smartphones in the Philippines under PHP 16K
Smartphone pricelist Philippines 2024
Smartphone pricelist Philippines 2023
Smartphone pricelist Philippines 2022
Smartphone pricelist Philippines 2021
Smartphone pricelist Philippines 2020
Marvin Choi says:
what ? how the hell are they gonna get my FB / Twitter / Paypal password by just looking at my personal details ?
JessPH says:
By going to the “I forgot my password” section of a website. Users are then asked security questions like “what is your mother’s maiden name”.
TangaLang says:
Hmmm..with millions of names posted, we have a very low chances the we will be targeted for identity theft but sure the risk is there.
We don’t know what’s the purpose of posting those online. This is just my thought, if i am the hacker and plan to steal identity, i will not waste my time with those millions of names. Instead, i will post it online and see who of those idiots look for their names and those will be my prone target. Simple.
As for those people who used the search engine, why did you search your names? Dont you know your personal info? Geez…..
TAKTAK says:
The purpose? It was mentioned on the website.
The hacker’s purpose is to show how incompetent our government is. They are even downplaying the issue, saying that there are no risk blah blah. Every leaked personal info is a risk when used against you. There’s a lot of possibility. They posted the info online to show the urgency of this kind of data breach from a government agency.
Easy E says:
High profile people are at a higher risk here. For most of us, just take precautionary measures.
the other says:
The latest result from the governments spectacular display of incompetence. Some people in Comelec must be FIRED IMMEDIATELY for this. And compensation given to those affected.
clark says:
It is not with the entry, it’s your information that is searchable. In case you are using some of your info for passwords, change it now, otherwise your clues are already there :)
fio says:
Even if you are not a high profile individual, still your information can be sold off to scammers / email marketers… :( that’s the least that could happen. now imagine all the celebrities and high profile peeps…
BIKTIMA KAMI LAHAT NG COMELEAKS says:
COMELEC HAS TOTALLY LOST
ALL THE REMAINING CREDIBILITY
THAT IT BEARS… IF THERE’S
STILL ANY LEFT.
THE ONLY HONORABLE
WAY OUT NOW IS FOR ALL THE
COMELEC LEADERSHIP TO RESIGN
& SAVE FACE NOT ONLY FOR
THEMSELVES BUT FOR COUNTRY
AS A WHOLE…
ANYTHING LESS IS UTTER
STUPIDITY & “KAKAPALAN NG
MUKHA” !!!
THE FILIPINO IS HONORABLE…
HE IS NEVER STUPID
& NOT “MAKAPAL” !!!
GETS MO COMELEC ???
NOW SHOW US YOUR TRUE FACE…
Eepotpapa says:
Only point #3 is a concern, But if you make your birthday a security question then you are vulnerable even before the leak. The other points such as changing your password is wasteful. If an attacker attempts the “forgot password” process and successfully changed your password, then a notification will be sent to you that your password has changed and then you won’t be able to access your account. If you can still access your account, then that means they were not able to reset your password. There is no way for them to know your passwords just by looking at the leak data.
The most alarming issue here is identity theft. Someone might call somewhere and pretend to be you by providing the leaked details as proof. This however is very hard to prevent.