Recent Posts

Breaking News

NPC issues CDO against LTO ‘hacker’

A Cease and Desist Order (CDO) has been issued by the National Privacy Commission against Lisensya. Info paving the way for the eventual taking down of its online site that allegedly hacked the Land Transportation Office (LTO) official site.

In a statement, NPC said an email copy of the CDO was sent Thursday, Nov. 12, to the respondent, National Telecommunications Commission (NTC) and LTO. The respondent, lisensya.info, was also ordered to file their comment so that they may be given opportunity to be heard.

“We have a process and if the respondent will not respond in a few days, then we will publish the CDO,” said NPC Commissioner Raymund E. Liboro, explaining why the agency cannot divulge the contents of the CDO, including the owners of lisensya.info.

Even as the CDO has been issued, Liboro said the taking down of the site has to go through some processes. He said NTC will be the one to notify the IPS (internet service provider) of lisensya.info as the agency has its own processes, too. The Lisensya.info site, however, is no longer accessible online.

The LTO Data Protection Officer of the agency filed its initial breach notification report with the NPC Tuesday, November 10, 2020. The NPC also said that a privacy notice is also subject to compliance and does not automatically prompt a stop processing/shutdown.

The site lisensya.info, which claims to be a motor vehicle authenticator, remained accessible while the LTO-run website “lto.net.ph,” which provides the status of the availability of license plates, is down or unavailable. A total of 12.725 million vehicles were registered with the LTO in 2019.

“The NPC shall verify the incident and look into the extent of possible harm on LTO’s data subjects to determine how to best resolve the situation,” Liboro said.

“NPC is coordinating with the Data Protection Officer (DPO) of the LTO for us to be provided with more details of the incident,” he added.

Last week, the LTO issued a statement assailing lisensya.info for using the LTO logo on its website to establish a false connection with the agency.

The questionable website provided a “Motor Vehicle Authenticator” which, through the mere input of the motor vehicle file number by anyone, would show sensitive information, such as the make, plate number, engine number, chassis number, registration expiry date, and name of the owner.

Netizens claimed the data the site provided were accurate, raising suspicions of a leak in LTO’s database as these are the types of information the LTO collects from motorists for registration.

Based on results of NPC’s initial investigation, lisenysa.info has neither a privacy notice nor any contact details of its owner.


Source: Manila Bulletin (https://mb.com.ph/2020/11/13/npc-issues-cdo-against-lto-hacker/?utm_source=rss&utm_medium=rss&utm_campaign=npc-issues-cdo-against-lto-hacker)

No comments