The nation largely responded with a shrug when the attack on the website of the Commission on Elections was first reported late last month. It didn’t help that the poll body initially downplayed the significance of the incident, with COMELEC spokesperson James Jimenez insisting that “no sensitive information was compromised during the hacking.”
Everything changed last Thursday afternoon when the hackers uploaded the personal information of 55 million Filipino voters through a website with the provocative domain name WeHaveYourData.com.
It happened after officers from the National Bureau of Investigations (NBI) arrested Paul Biteng, who is allegedly one of the three members of the Anonymous Philippines, a group that claimed responsibility for the website attack. Biteng is charged for violating Republic Act 10175 or the Anti-Cybercrime Prevention Act of 2012, which can land him in jail for up to six years. The two other suspects remain at large as of this posting.
According to a report from the Manila Bulletin, Biteng is a 20-year-old fresh graduate of Information Technology from the University of Perpetual Help – Sampaloc, Manila campus. A source told The Filipino Scribe that Biteng is a graduate of Ramon Magsaysay High School-Manila batch 2012. He was arrested by NBI officers in his home in Balic-Balic, Sampaloc, Manila.
He was also described in the news article as a “white hat hacker.” TechoPedia.com describes these individuals as IT specialists “who use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them.”
In fact, Biteng has been recognized by Internet giant Microsoft in its Security Hall of Fame and by social networking site Facebook in its Security Researcher Acknowledgments page for his work as a “white hat hacker.” The two United States-based companies give huge financial rewards to users anywhere in the world who are able to point out potential vulnerabilities in their websites.
Based on a Twitter post made by Biteng in 2013, he seems to have discovered security vulnerabilities in the website of the media network TV5 although it is not clear if he got any response.