(UPDATE) THE personal data of some 28 million passport holders may have been compromised after the national printing office failed to install a cybersecurity system that would protect that information, the Department of Foreign Affairs (DFA) said Thursday.
Foreign Affairs Assistant Secretary Adelio Cruz of the Office of Consular Affairs made this revelation on Thursday at a Senate hearing on the department’s proposed 2025 budget.
“We are really concerned with the security of our more than 28 million passport holders’ data. It’s something that we really want to protect. We’ve experienced a lot of agencies whose data had been hacked,” Cruz said, after Sen. Loren Legarda, chairman of the finance subcommittee, told him she didn’t want to be surprised by a long wish list because the department forgot to include something.
“Some were sold on the deep web. Unfortunately, if I have to say it, we’re not happy with the one GOCC (government-owned and -controlled corporation) that’s in charge of printing our passport,” he said. “We are seriously looking into the possibility of employing a cybersecurity system for all our passport data.”
This prompted Legarda to say, “GOCC … I want it on record… [That’s] APO. Please give us all the information if there is a threat to the security of our passport holders. … Is there a sale ongoing of any information that the GOCC holds? I’ve been hearing about that for a long time.”
“Unfortunately, they would not admit to the gravity or to the degree of the breach,” he said, referring to the APO Production Unit, a government-owned and -controlled corporation in charge of printing Philippine passports under the Presidential Communications Office. “We believe that’s being sugar coated.”
“Perhaps it would be better if APO explains [the matter],” Cruz added.
The Manila Times called APO for comment, but was told that it was the DFA that should answer questions about passports.
Legarda said she wanted a meeting next week with concerned DFA and APO officials “so that we can be enlightened because I don’t know the issue much.”
Cruz said they were negotiating with several cybersecurity companies and trying to get the best rate.
“We will be sending a report sometime next week so we can sleep soundly at night and ensure that not a single passport’s data is sold to the dark web,” Cruz said.
Legarda asked Cruz to submit their proposal.
“And then when I have that, we will call APO to come. You should present it publicly. Don’t hide [the matter]. Don’t be reluctant, hesitant or fearful or anxious,” the senator said.
Legarda added, “Just tell us the problem then we will ask them what they are capable of doing and not doing.”
Legarda also suggested that Cruz be present next week when she tackles the PCO budget.
“APO is under the PCO and so we will ask APO. Be here next week because we will hear the PCO budget and give me a confidential memo so I can have a clear [and] accurate view of this [issue].”
Cruz said, “We’ll have our litany of concerns.”
Be the first to comment