Threat Actor: Deathnote Hackers | Deathnote Hackers
Victim: Sablan Municipality | Sablan Municipality
Price: Not disclosed
Exfiltrated Data Type: Sensitive municipal data
Key Points :
- The breach impacted the official website of a municipal government in Benguet, Philippines.
- Deathnote Hackers claimed responsibility for the attack, exploiting vulnerabilities in the Government Web Hosting Service (GWHS).
- Approximately 27,000 lines of sensitive data were compromised, primarily related to the municipality of Sablan.
- Hackers provided screenshots as evidence of their access, showing control over the website’s cPanel and phpMyAdmin interfaces.
- The breach raises concerns about the security protocols in place for municipal websites and the potential for further cyberattacks.
- Local governments are urged to implement stronger cybersecurity measures to protect their digital assets.
- The incident highlights the need for reassessment of cybersecurity strategies among local government units (LGUs).
A data breach has recently impacted the official website of a municipal government in Benguet, Philippines, exposing a substantial amount of data. The threat actor responsible for this attack, known as Deathnote Hackers, has claimed responsibility for the breach.
Details of the Breach
According to the information provided by the hackers, they gained unauthorized access to the municipal website through the Government Web Hosting Service (GWHS). The GWHS, operated by the Department of Information and Communications Technology (DICT), is responsible for hosting various local government websites across the Philippines. The attackers managed to breach the hosting service specifically allocated for the municipality of Sablan, Benguet.
The compromised database contains 27,000 lines of data, primarily focusing on the municipality of Sablan. This data includes sensitive information that could potentially be used for malicious purposes if it falls into the wrong hands. The hackers emphasized that while the data is mainly centered on Sablan, there is also minimal information related to DICT’s web hosting infrastructure.
Deathnote Hackers provided screenshots as evidence of their access, showing control over the website’s cPanel and phpMyAdmin interfaces. These screenshots indicate that the hackers had the ability to manage user accounts and manipulate the database settings. Specifically, the images reveal access to email accounts, FTP services, and database configurations within the hosting environment.
This breach highlights severe vulnerabilities in the government’s web hosting service, raising concerns about the security protocols in place for municipal websites.
The data breach exposes the municipal government to several risks, including the potential for further cyberattacks, phishing campaigns, and data exploitation. The breach underscores the necessity for local governments to implement stronger cybersecurity measures to protect their digital assets.
Moreover, the compromised database and control panel access suggest that the attackers could have potentially manipulated or deleted critical files and data, leading to disruptions in the municipality’s online services.
This incident serves as a wake-up call for local government units (LGUs) to reassess their cybersecurity strategies and ensure that their web hosting services are secure.
Deathnote Hackers have made it clear that they possess significant capabilities, and this breach could be a precursor to further cyber incidents if vulnerabilities are not promptly addressed.