What To Do To Protect Yourself If Your Personal Info Is
Compromised Due to the Recent COMELEC Database Hacking Incident.
You probably know by now that your personal data has been compromised when COMELEC’s voter database has been hacked and stolen. Some people have confirmed that their personal data has been compromised by the website (wehaveyourdata.com) but PLEASE REFRAIN from using this site as you may expose yourself to further risk.
A variety of personal data is included in the site: full legal name including your mother's maiden last name, full birthdate, permanent addresses, and even the image of your fingerprints. OFWs are even more adversely affected as it contains passport information and their address abroad. All of these information can be used against you in the form of identity theft.
WHAT SHOULD YOU EXPECT?
If your personal information is compromised, here are the possible things that might possibly happen to you:
Credit card fraud thru over the phone or online purchases with assistance from your credit card company by providing personal details
Access to your bank accounts and information by providing your personal details - Receive phishing e-mails coming from individuals or institutions identifying itself as a bank asking information of password or PIN reset
Take over your email and social media accounts (Facebook, Instagram, Twitter, etc) by requesting a request password
Receive phishing e-mails coming from individuals or institutions identifying itself as a bank asking information of password or pin reset.
Email reset request with links
You will probably get notices from COMELEC or NBI or any other government or organizations such as banks asking you to check if your name is included in the stolen database.
HOW DO YOU PROTECT YOURSELF?
These are the things you can do to protect yourself:
Change all your passwords, with a unique password for each online account
Use password management applications such as 1Password or Passkeeper
Change your forgot password secret question and answer making sure to avoid using "Mother's Maiden Name" as your secret question and answer
Use two-factor authentication for all your online banking accounts. If possible, avoid using your cellphone number and use mobile applications and/or physical security devices for two-factor authentication
Do not respond to calls from anyone asking you for your personal information, especially your full name, address, and mother's maiden name. Only provide such information if you've called your bank yourself, and as much as possible limit these interactions.
Do not follow links received via email, especially those asking you to input your password, or answer questions with personal information. Only provide such information if you've personally opened an online banking website yourself
Be weary of notices from government, organizations like banks verifying about your personal information
Do not open email attachments from email addresses that you don't know and expect, especially when the files are in HTML, ZIP, JPG, DCOM, RAR, JAR, TGZ, TAR, JS, and APK format.
This list is by no means complete, so always remember to be vigilant, and in the event of suspicious activity immediately contact the help desk of the online service or financial institution you are subscribed to.
Edits have been made pointing out the following:
Adding details of the kind of information compromised and adding a final warning.
Adding more detail on the risk faced by OFWs.
Adding a warning that using the aforementioned website exposes users to more security risk
Adding more formats to the list of dangerous attachment types.
From facebook- JL, MP, HC, TG