Law enforcement in the Philippines claim to have arrested one of the hackers involved with the breach of the country's Commission on Elections (Comelec). The National Bureau of Investigation (NBI), which is tasked with investigating the massive cyberattack that compromised millions of electoral records last month, has now announced the arrest of a man in his early twenties in relation to the hack.
According to the website of the Manilla Bulletin, a three-week operation led to the apprehension of the suspect at his home in Sampaloc, Manila on Wednesday 20th April. The Comelec website was initially compromised and defaced on 27 March by hackers claiming to be aligned with 'Anonymous Philippines'. Then, three days later a second group dubbed 'LulzSec Pilipinas' posted a massive data dump online that reportedly contained massive amounts of voter data including passport information and fingerprint data. This information was verified by security firm Trend Micro.
Now, NBI director Virgilio Mendez has said the intelligence agency is examining the contents of a computer recovered from the suspect's home and hopes to release a further report once this process is complete. Furthermore, the director reportedly said the suspect had admitted involvement in the hacking. The authorities would not comment on whether the suspect was involved in any other hacking attempts against government targets.
Meanwhile, as reported by the Philippine Star, Comelec spokesperson James Jimenez said the organisation is doing everything it can to resolve the issue "at the soonest possible time." He added: "I apologise for this continuing attack on your privacy."
According to the Manilla Bulletin, the suspect is a recent IT graduate called Paul Biteng – however this has not yet been confirmed by IBTimes UK with a second source. In a recent post, the news organisation lists information it claims is about Biteng and asserts he is a white-hat hacker that has previously been commended for his work by both Facebook and Microsoft.
Indeed, there is a Paul Biteng listed on both websites for work with 'responsible disclosures' in 2014. "Each name listed represents an individual or company who has privately disclosed one or more security vulnerabilities in our online services and worked with us to remediate the issue," the Microsoft notice said. However, this does not prove it is the same individual referenced by the Manilla Bulletin. If prosecuted, the suspect could be charged for violating the Cybercrime Prevention Law, officials said.
In the most recent development, GMA News Online posted what appears to be a 'mugshot' of Biteng on its website which was allegedly released by the NBI Anti-Cybercrime Division. Ronald Aguto, chief of the cyber squad, said his team is still looking for two other hackers they believe played a role in the incident.
IBTimes UK has contacted the National Bureau of Investigation (NBI) for comment on the identity of the suspect and will update this post accordingly.