Threat Actor: grep | grep
Victim: Supreme Court of the Philippines | Supreme Court of the Philippines
Price: N/A
Exfiltrated Data Type: Sensitive legal information
Key Points :
- On August 27, 2024, a significant data breach exposed sensitive legal data from the Supreme Court of the Philippines.
- The breach involved the leak of 13,564 rows of data, including unique assessment numbers and personal details of individuals.
- Compromised information included case categories, payment statuses, and key dates related to legal proceedings.
- The exposed data highlights vulnerabilities in government systems regarding the handling of confidential legal information.
- The Supreme Court is expected to investigate the breach and enhance cybersecurity measures to prevent future incidents.
Manila, Philippines – On August 27, 2024, a significant security breach hit the Supreme Court of the Philippines, leading to the exposure of highly sensitive legal data. The incident, disclosed by a threat actor on a popular underground forum, has raised serious concerns about the protection of confidential information within the country’s highest judicial institution.
The threat actor, identified as “grep,” claimed responsibility for the breach, uploading the compromised database for public access. This leak has brought to light the vulnerability of government systems, particularly in handling and securing legal information.
What Was Exposed?
The breach resulted in the exposure of 13,564 rows of data, encompassing a broad range of legal proceedings and applications. The compromised information includes:
- Assessment Numbers: Unique identifiers linked to legal cases and applications.
- Full Names: Personal details of individuals involved in legal matters.
- Case Categories and Types: Information related to the nature of the legal cases.
- Payment Statuses: Details indicating whether fees associated with the cases have been paid.
- Dates Filed and Paid: Key dates related to the processing of legal cases.
Data Categories Affected:
- Applications:
- Posting of Private Bonds or Custodia Legis
- Clearance and Certification Fees
- Court Cases:
- Special Civil Actions (e.g., Forcible Entry/Unlawful Detainer)
- Small Claims Cases
- Criminal Actions with Mediation Fees
- Other Services:
- Matters of Violation of Rules and Contempt Proceedings
The exposed data paints a detailed picture of various legal proceedings, with information ranging from case details to payment statuses, highlighting the severity of the breach.
This breach is not just a violation of privacy but also poses potential risks to the individuals involved in the exposed cases. The legal community, along with affected parties, is urged to remain vigilant. The Supreme Court is expected to initiate an investigation into the breach and strengthen its cybersecurity measures to prevent future incidents.