EDITOR'S NOTE: A website was just launched yesterday which makes it easy to access private information of 70 million Filipino voters. This hacking incident led to widespread paranoia as expressed in social media. However, Kami.com.ph contributor, Darren Cheng says hacking is inevitable. Sooner or later you will get hacked. He offers ways to mitigate its harm and tips on how to protect yourself.
TLDR: Getting hacked is inevitable. It's happened to me, so this ain't my first rodeo. And now it happened to the rest of the Pilipinas. It's not the end of the world. Some hostile person actually has to get the data, and figure out a way to use it against you. So you can point fingers at COMELEC all day, but remember: you still need to secure yourself today.
This data breach is making big news. Not to downplay COMELEC's error, but I will say generally stuff like this is expected. I mean, we give our personal data the 3 phone companies, 99 government agencies, the power company, and the BPO dude getting our jollibee takeout order.
All it takes for hostile agents to get your data is 2 things: a) an exploit that enables access to the actual data, and b) an INSUFFICIENTLY encrypted database. Whenever a company gets hacked, failure to do these, especially the second, is a MORTAL SIN. What's the use to a hacker if the data they copy is garbled because of encryption? Using widely available modern encryption methods means it'll take them a very long time to decrypt, at which time the info is irrelevant.
In order to give you comfort, I will share you my framework for personal data security.
First: Inventory your data, and Triage
a) What pieces of data do I give out?
b) Who do I give them out to?
b1) How secure will their records be? Is it public, or private?
b2) How important/critical is this piece of data?
c) What accounts rely on the data that I give out
c1) How critical is this account to my personal well being
Second, Given the above questions, analyze:
by Darren Cheng
READ RELATED: Hacked Comelec voters’ data searchable online
Darren Cheng is a concerned netizen. He studied BS Management Engineering at Ateneo de Manila University.