In response to the alleged hacking of Hub of Innovation for Inclusion’s (HiFi) official website caused commotion on online platforms with a call for “Academic Freeze” last October 9, the Digital Technology Office (DTO) recommends to the President’s Council for their office to oversee all of the College’s official website of various offices, instead of using third-party hosts.
DTO Vice Chancellor Jose Albert Llamas discussed in an interview with The Benildean that after the alleged hacking, the Systems Security Team of DTO was notified immediately thus, the website was shut down in an instant.
“They are pro-active [the Systems Security Team] however, unlike the Benilde official website, [HiFi] is hosted outside. There is a third-party host for the [HiFi] website [...] I think [what happened] is because of security weakness [given that the third party host] is out of our [College and DTO] hosting facilities and premises,” Llamas stated, clarifying that the official website of the College is under tight security following the security protocol of the College.
Moreover, Llamas elaborates, one factor that led to lesser proactiveness of HiFi is that the majority of the associates who used to run HiFi availed the early retirement offered by the College, thus HiFi, currently having limited man power, had limited supervision of its official website.
“That’s the non-technical side of it. It is a procedural and management matter,” Llamas emphasized.
On the technical side, according to Llamas, it could be due to the weakness of the security system and firewall of the third party host of HiFi’s website.
Moreover, a commission from DTO could investigate the incident and will be coordinating with the third party host in tracking down IP addresses. However, as of writing, HiFi is yet to request for a formal participation of the DTO in investigating the case. Nonetheless, Llamas assured that the College’s private data, including Benildean students’ private data, are safe.
Under Benilde jurisdiction
According to Center for Restorative Discipline (CRD) Director Carmen Papa-Reyes, CRD has not yet received any form of information, complaint, or incident report about the alleged hacking.
“After the investigation of the DTO, they should be able to file a complaint with us if there is really a violation of any of the rules. If there is a possible violation, then they should be able to attach all the necessary documents like complaint form, incident report, and all the affidavits of witnesses pertinent to the incident,” Papa-Reyes stated in an interview with The Benildean.
She added that once a complaint is filed to the CRD, they would process it and call on the persons involved through Zoom or face to face, if necessary, to gather the necessary evidence and testimonials that they need to issue a resolution for that particular case if ever it will turn out to be a case.
Once the alleged hacker is tracked upon, different processes will be done depending if the person is a student, an employee, or an outsider.
Papa-Reyes stated that if the alleged hacker is a student, CRD will have to check whether the student is enrolled or not in the Registrar’s Office. If the person is a bona fide student, an inquiry about his side of the story and affidavit of his reply according to the complaint filed against him/her will be asked upon. The parents will also be informed so that “they are properly advised that there is a complaint filed against their son/daughter.” If not, they would need to wait for the student to enroll.
“We can send an email to the student and inform him or her that there is an existing complaint filed against him. So that if he wants to respond, he can send his response by email,” Papa-Reyes explained.
Since CRD is now in charge of the cases filed against employees as well, once DTO decides to file the complaint or incident information to People and Organization Development Office (PODO) and PODO consequently refers the case to CRD after the submission of necessary documents, CRD will start the proper inquiry and investigation of the case. Alleged parties will be summoned via Zoom or personally to gather both sides alongside an affidavit of reply.
However, CRD cannot act on an outsider, including alumni, because its jurisdiction only covers and applies to current students and employees of Benilde. Nonetheless, they could investigate and submit a recommendation based on whatever documents or evidence are given to them.
“If he is a person outside Benilde, then we don’t have jurisdiction over that person. So definitely, that case should be filed in regular courts. [...] We could only invite him for inquiry. However, if he doesn’t respond or adhere to our invitation, then we cannot do anything to force him,” Papa-Reyes said.
She added that if Benilde still wanted to push through with the case, the best thing to do is to “file the case outside [for] a faster process.” According to her, Benilde has legal officers and legal counsel to study the case once they decide to go for it.
Nonetheless, she mentioned that a complaint would not necessarily equate to a case, sanctions, or grave punishment for it varies on the information presented and gathered, assuring that proper jurisdiction will be given provided that Benilde is patterning after reformative justice.
“What we do is that we filter these incidents, we try to talk to the persons involved, and then we will come out with a final investigation report so that we get to the bottom of the incident and if it doesn’t have any basis to exist as a real case, then we will dismiss the case,” Papa-Reyes mentioned.
However, according to Papa-Reyes, if all the evidence points to a particular person, a notice of complaint will be issued by CRD for the person involved to be aware of the complaint that is allegedly filed against him/her.
CRD was formerly the Office of Student Behavior (OSB) following name and organizational changes that took place this academic year.
HiFi is Benilde’s innovation office that incubates ideas and projects that are people-focused, planet-sustaining, profit-generating, and purpose-driven. As of writing, the HiFi website redirects to its official Facebook page.
