THE NATIONAL Privacy Commission (NPC) said on Thursday that it is pursuing other leads on the alleged hacking and data breach of the Commission on Elections’ (Comelec) servers. 

“Rest assured we are continuing the investigation to determine if personal data was compromised, violations of the Republic Act No. 10173 or the Data Privacy Act were committed, and the responsible individual or group for this incident,” Privacy Commissioner John Henry D. Naga said in a statement. 

The commission said it is looking into a group of hackers claiming responsibility for the hack, while a third-party provider of Comelec possibly involved in the issue has been summoned to appear in a clarificatory hearing. 

NPC held separate clarificatory meetings on Jan. 25 with representatives of Comelec and daily broadsheet Manila Bulletin, which first reported about the alleged hacking and data breach. 

Comelec denied that the database of overseas voters was compromised, according to NPC.

The poll body explained that while a list of overseas voters is made publicly available on their website as mandated by law, this data has yet to be generated for the elections in May. 

“On the topic of their full incident report, Comelec sought for extension of time to submit the approved report. NPC issued a subsequent order reiterating to the Comelec to submit said incident report and provide answers to the clarificatory questions stated in the order dated Jan. 21, 2022,” NPC said. 

Comelec was given until Jan. 27 to send the report.

In a separate meeting, NPC said Manila Bulletin confirmed that the artifacts gathered by the commission are the same ones that were the basis of their published report. — Revin Mikhael D. Ochave