Second Suspect Arrested In Philippines Hack

Matthew Broersma,
data breach, security

A 23-year-old man has been named as the culprit behind a data breach affecting 55 million voters

Philippines law enforcement agents have arrested a second suspect in their investigation of a hack that exposed the personal details of 55 million of the country’s registered voters.

Jonnel De Asis, 23, was arrested at his home in Parañaque by officers of the Philippines’ National Bureau of Investigation (NBI), according to reports in local media.

Insecure systems

Hacker, cyber crime, criminal, bank cards © Creativa, Shutterstock 2014

De Asis, a systems integrator at a semiconductor firm, has reportedly admitted he belongs to hacking group LulzSec Pilipinas and said he hacked the Commission on Elections (Comelec) site in order to highlight its insecurity ahead of upcoming elections.

Comelec’s website was initially defaced on 27 March by the Philippines branch of the Anonymous hacker group, which left a message accusing the government of poor security.

Later on the same day LulzSec Pilipinas, a distinct group, posted an online link to what it claimed was Comelec’s entire database, a 338 GB file containing 75.3 million individual entries.

The data was downloaded from Comelec’s site before the defacement, but LulzSec Pilipinas reportedly waited to disclose it.

De Asis denied uploading the database to a public website, something disputed by law enforcement agents.

Second arrest

“Initial investigation disclosed that he was the one who downloaded the file from the Comelec website and the one who leaked it to the public,” said Ronald Aguto, head of the NBI’s Computer Crimes Division, told a local television programme.

The arrest follows that on 21 April of 20-year-old Paul Biteng, accused of involvement in the hack as a member of Anonymous.

Biteng, who used the online handle PhantomHacker Khalifa, is a security researcher who has won several bug bounties from Facebook and is listed on the company’s Security Hall of Fame.

Biteng and De Asis face charges under the Philippines’ Cybercrime Prevention Act on illegal computer access, data interference and illegal use of devices.

The NBI said a third suspect is still at large and added that it is investigating the possibility that Anonymous and LulzSec may have been manipulated by a wider, more dangerous group.

The exposed database includes 1.3 million records for overseas Filipino voters, listing their passport numbers and expiry dates, as well as other personal details, in an easily searchable plain-text format, according to computer security firm Trend Micro.

“Every registered voter in the Philippines is now susceptible to fraud and other risks,” Trend said.

Are you a security pro? Try our quiz!