The Filipino Passport Application Page shares personal information through • The Register
The Philippine Ministry of Foreign Affairs (DFA) has disabled its online tracker for passport applications, citing a “privacy issue” and a note that information may have been leaked.
“The IT department of the DFA is currently investigating the circumstances of this problem and is taking appropriate measures to protect the data that may be disclosed,” says a note on the DFA website. “An internal audit will also be carried out to prevent similar incidents in the future.”
The Philippines requires citizens to use the website, which was launched just a few months ago, to apply for a passport – walk-in applications are only allowed in exceptional cases. However, at the time of writing, the tracker returns a 404 error. Citizens therefore have no way of knowing when or whether passports will be approved and / or dispatched.
Corresponding state sponsored media, the site has been shut down to prevent further data emission. The DFA has not released any details about the “problem” or the number of people affected, although the agency said the tracker was removed within a day of the problem being discovered.
Filipino Intelligence Service Rapple reported that the privacy issues were due to the applicants’ personal information being “hard-coded” in the tracker’s program. A developer speaking with the news agency was able to find people’s personal information – including emails, birthday and contact numbers – on the DFA website using the l33t hacking tactic of… Google Search.
The DFA has notified Applicants from hotlines and email contacts.
The passport problems follow the introduction of an identity card in the Philippines, which again required online registration and again led to problems as the registration portal was not available within hours of the start of operations. ®