Philippines, ’ DICT – DRRMD Suffered From a Data Breach

Threat Actor: ph1ns | ph1ns
Victim: Philippines Department of Information and Communications Technology – Disaster Risk Reduction Management Division (DICT-DRRMD) | DICT-DRRMD
Price: Not specified
Exfiltrated Data Type: Not specified

Key Points :

  • The Philippines’ DICT-DRRMD has suffered a data breach targeted by the threat actor ph1ns.
  • The breach was intended as a wake-up call for the DICT and the Philippine government to take cybersecurity more seriously.
  • The threat actor managed to retain some source code from the system, which could be used for various purposes such as sending alert messages or relaying sensor data.

Manila, Philippines – A recent cyberattack has targeted the Philippines Department of Information and Communications Technology – Disaster Risk Reduction Management Division (DICT-DRRMD).

The threat actor, identified by the alias “ph1ns,” announced the breach on a dark web forum earlier today. The announcement included screenshots of database code and detailed descriptions of the compromised system.

A screenshot sent by ph1ns showing the dashboard of DICT-DRMMD

Breach Details

According to the ph1ns’ post, the breach was intended as a wake-up call for the DICT and the Philippine government to take cybersecurity more seriously. The threat actor provided evidence. The Deep Web Konek Team sent a message to ph1ns to clarify some questions on this breach such as if the breached system is used for SMS Alert whenever an earthquake or typhoon happens. The threat actor replied to that indication of the possible uses of the compromised system, which handles SIM cards and may be used for sending alert SMS or communicating sensor measurements.

System Access and Data Compromised

The threat actor’s initial access to the system was cut off quickly by DICT, but they managed to retain some source code. The threat actor speculated that the system could be used for various purposes, including sending alert messages or relaying sensor data.

Political Message

In a defacement message on the DICT-DRRMD website, ph1ns criticized the government’s handling of cybersecurity and various political issues. The hacker mentioned recent political events and called for improvements in the country’s cyber defense mechanisms. The message emphasized the need for better testing and development of government applications and websites, highlighting the ongoing threat of cyberattacks.

Government Response

DICT Asec. Aboy Paraiso confirms breach on the DICT emergency disaster response division, says it is not connected to the central office of DICT.

No sensitive data was reportedly included in the system, which was designed to be not so secured to begin with, he said.

It is unclear what specific data was accessed or stolen.

Source: https://kukublanph.data.blog/2024/07/02/philippines-dict-drrmd-suffered-from-a-data-breach/