The National Privacy Commission (NPC) is conducting a probe of lisensya.info, a website that associated itself with the Land Transportation Office (LTO), to determine possible breach of personal information of LTO-registered motorists.
A total of 12.725 million vehicles were registered with the LTO in 2019.
“The NPC shall verify the incident and look into the extent of possible harm on LTO’s data subjects to determine how to best resolve the situation,” Privacy Commissioner Raymund E. Liboro said.
“NPC is coordinating with the Data Protection Officer (DPO) of the LTO for us to be provided with more details of the incident,” he added, noting the DPO of the agency has just filed its initial breach notification report with the NPC yesterday, November 10, 2020.
Last week, the LTO issued a statement assailing lisensya.info for using the LTO logo on its website to establish a false connection with the agency.
The questionable website provided a “Motor Vehicle Authenticator” which, through the mere input of the motor vehicle file number by anyone, would show sensitive information, such as the make, plate number, engine number, chassis number, registration expiry date, and name of the owner.
Netizens claimed the data the site provided were accurate, raising suspicions of a leak in LTO’s database as these are the types of information the LTO collects from motorists for registration.
Based on results of NPC’s initial investigation, lisenysa.info has neither a privacy notice nor any contact details of its owner.
As of November 10, the site remained accessible while the LTO-run website “lto.net.ph,” which provides the status of the availability of license plates, is down or unavailable.