LTO assures public of security in its data
MANILA, Philippines — The Land Transportation Office (LTO) on Friday assured the public that the information recently leaked did not come from the website the agency is currently using.
In a statement, LTO chief Edgar Galvante said the website the LTO is currently using for the Land Transportation Management System is portal.lto.gov.ph, with “.gov.ph” as the standard domain suffix the Philippines uses for all government agencies. The website involved in the data breach is “lto.net.ph.”
The transportation agency said Atty. Romeo Vera Cruz, the concurrent executive director and data privacy officer of the LTO reported the data breach to the National Privacy Commission (NPC) on November 10, 2020.
The NPC is conducting an investigation of lisensya.info, a website that associated itself with the LTO even using the agency’s logo.
The NPC said some netizens claimed that the data provided by the website were accurate and thus, suspicions of the LTO were raised.
Last year, a total of 12.725 million vehicles were registered with the LTO.
A quick search on the internet revealed that the person who registered the domain name “lto.net.ph” is a certain Jefferson E. Trono and the registered company is Stradcom Corporation.
LTO is using two parallel systems at the moment; Stradcom (lto.net.ph), the IT company that handled the data of the LTO in the past and operating on a monthly basis because of an expired contract, and a new IT service provider operating the LTMS at portal.lto.gov.ph.
LTO has yet to clarify why Stradcom is still in operation and why they are allowed to be in the official website of the LTO. The Stradcom domain is the one connected to the current data breach.
LTO has assured the NPC that they will cooperate regarding the investigation and plug the data leak immediately. The LTMS site, portal.lto.gov.ph, is secure and will have no issues when it comes to user privacy, Galvante said. Miggy Dumlao, INQUIRER.net trainee