Threat Actor: Deathnote Hackers | Deathnote Hackers
Victim: Villar Group of Companies | Villar Group of Companies
Price: N/A
Exfiltrated Data Type: Sensitive personal and corporate information
Key Points :
- Over 2.3 million records leaked, with claims of a total of 11 million records available.
- Exposed data includes customer names, contact numbers, addresses, emails, bank records, payslips, and employee details.
- The breach spans sensitive information dating from 2012 to 2024.
- The hackers accused the Villar family of exploiting workers and manipulating them during political seasons.
- Companies affected include Camella, AllHome, Vistamall, and PrimeWater among others.
- The breach poses risks for identity theft, financial fraud, and corporate espionage.
- The Deathnote Hackers warned that this is just the beginning of their campaign against the Villar Group.
- The Villar Group has not yet issued an official statement regarding the breach.
MANILA, PHILIPPINES – The Villar Group of Companies has fallen victim to a massive data breach, with over 2.3 million records leaked by the hacking group known as “Deathnote Hackers.” The breach involves a vast range of sensitive information, including customer names, contact numbers, addresses, emails, bank records, company names, payslips, and employee details, among other critical data spanning from 2012 to 2024.
The breach was accompanied by a scathing public message from the Deathnote Hackers, directly addressing the Villar Group of Companies. The hackers accuse the Villar family of building their wealth on the backs of exploited workers and shattered livelihoods. In their post, the hackers exposed what they described as the ugly truth behind the Villars’ supposed “success.”
They alleged that employees are overworked, underpaid, and subjected to inhumane working conditions, with no regard for overtime or fair contracts. Verbal agreements have allegedly replaced proper employee contracts, leaving workers vulnerable and powerless. Moreover, the Villar Group has been accused of manipulating workers during political seasons, forcing them to spread pro-Villar propaganda and participate in campaign activities as mere tools.
The message further highlighted the destruction of farmlands by Cynthia Villar, in the name of “development,” specifically targeting her involvement in the Rice Tariffication Law, which they say has crippled Filipino farmers, pushed rice prices to extreme levels, and led to widespread debt and hardship in the agricultural sector.
As part of their campaign against the Villar Group, the Deathnote Hackers released a partial dataset of 2.3 million records from the Villar Group, which they claim is part of a larger set of 11 million records. The leaked data includes sensitive information such as:
1. Customer names, addresses, and contact numbers
2. Company names and email addresses
3. Bank records, payslips, and employee details
4. Passwords, production files, OR numbers, PR numbers
5. Birth dates, company locations, house addresses
6. Pending projects, login portals, brand details
Total records leaked: 2,320,465, with additional uncounted files yet to be disclosed. The hackers stated that the exposed records date back from 2012 to 2024, covering key operations and private information of the Villar Group’s companies, including Camella, AllHome, Vistamall, PrimeWater, and others.
List of Affected Companies
The companies impacted by this breach include well-known names under the Villar Group umbrella, such as:
1. Camella
2. Lumina Homes
3. Brittany Corporation
4. Golden Haven
5. MGS Construction
6. PAVI
7.Vista Land and Lifescapes
8. Starmall
9. Bria Homes
10. AllBank
11. AllHome
12. Kratos ResInc
These companies, spanning real estate, construction, banking, and retail, represent the core of the Villar Group’s business empire. The breach of their data signals severe security lapses across their entire corporate structure.
The release of such a large dataset presents significant risks for both customers and employees. The data could be exploited for identity theft, financial fraud, and corporate espionage. Additionally, with sensitive corporate details like production files and passwords exposed, the breach could open doors for future attacks on the Villar Group’s systems.
The Deathnote Hackers warned that this is just the beginning. In their message, they urged the Villar Group to stop exploiting their workers and destroying farmlands, making it clear that silence would no longer be an option for those suffering under the group’s business practices.
As of this writing, the Villar Group has not yet issued an official statement regarding the breach.
This attack by the Deathnote Hackers underscores the critical need for organizations to invest in stronger cybersecurity measures and to ensure the ethical treatment of their workers.
The hackers have made it clear: “Your empire is built on exploitation. Change, or the silence ends.”