Threat Actor: GR3GG3M3RC3R
Victim: eGovPH
Price: $100,000 in BTC
Exfiltrated Data Type: KYC IDs

Key Points:

Exploited a 0-day vulnerability in the eGovPH system. Gained root access and bypassed security protocols. Accessed and dumped approximately 200,000 KYC IDs. Cited weaknesses in security monitoring and SSH access patching.…

Threat Actor: Cybercriminals
Victim: Individuals and Organizations
Price: Potential loss of $50,000+
Exfiltrated Data Type: Personal and financial information

Key Points:

Phishing emails are common attack methods used by cybercriminals to deceive recipients. Attackers often impersonate trusted organizations to manipulate victims into sharing sensitive information.…

Threat Actor: Unknown
Victim: Center for Educational Measurement, Inc.
Price: Not disclosed
Exfiltrated Data Type: Personal, educational, and medical information

Key Points:

Over 271,570 unique email addresses and passwords were leaked. Compromised data includes personal details such as full names, passport numbers, and dates of birth.…

Threat Actor: bizmoto
Victim: Bizmoto Philippines
Price: $10,000
Exfiltrated Data Type: Customer KYC files, personal identification documents

Key Points:

The threat actor demanded PHP 1 million in Bitcoin, threatening to leak sensitive customer data. The breach involved 34GB of data, including over 5,000 records and more than 400 folders of identification cards.…

Threat Actor: Sarcoma Ransomware
Victim: Suntrust Properties
Price: Not disclosed
Exfiltrated Data Type: Personal and corporate data, including IDs and SQL databases

Key Points:

Attack launched on October 10, 2024, compromising 1TB of data. Exfiltrated data includes PRC IDs, government-issued IDs, signed legal documents, and SQL databases.…

Threat Actor: Deathnote Hackers
Victim: Villar Group of Companies
Price: N/A
Exfiltrated Data Type: Sensitive personal and corporate information

Key Points:

Over 2.3 million records leaked, with claims of a total of 11 million records available. Exposed data includes customer names, contact numbers, addresses, emails, bank records, payslips, and employee details.…

Threat Actor: APO Production Unit Inc.
Victim: Filipino passport holders
Price: N/A
Exfiltrated Data Type: Personal data

Key Points:

Approximately 28 million Filipino passport holders may have had their personal data compromised. The breach was attributed to inadequate cybersecurity measures by the service provider, APO Production Unit Inc.…

Threat Actor: Medusa Ransomware Group
Victim: AZPIRED
Price: $100,000
Exfiltrated Data Type: 205.7 GB of sensitive data

Key Points:

AZPIRED is a leading global outsourcing service provider based in the Philippines. Medusa claims to have exfiltrated crucial company records, HR files, financial documents, and client information.…

Threat Actor: RansomHub Ransomware Group
Victim: Krypton International Resources Inc.
Price: Not disclosed
Exfiltrated Data Type: Personal and corporate data

Key Points:

68 GB of sensitive data leaked, including personal and corporate information. Data includes a high-resolution scan of a Philippine non-professional driver’s license with full name, date of birth, home address, and license number.…

Threat Actor: $udo
Victim: Puregold
Price: Not specified
Exfiltrated Data Type: Customer records, transaction data, operational data

Key Points:

Over 130,000 customer records allegedly compromised. Data leaked includes full names, billing and shipping addresses, and email addresses. Transaction details such as purchase points, dates, amounts, and statuses were exposed.…

Threat Actor: DeathNote Hackers
Victim: Metro Pacific Tollways Corporation (MPTC)
Price: Not specified
Exfiltrated Data Type: Personal and transactional data, internal documents

Key Points:

Nearly 1 million Easytrip records compromised, affecting 972,848 records. Leaked data includes sensitive information such as reloaded balances, pre-loaded accounts, and user transaction logs.…

Threat Actor: Yum (alias)
Victim: Individuals (trafficked)
Price: $15,000 – $60,000 USD
Exfiltrated Data Type: Personal identification and financial information

Key Points:

The marketplace “Yum” facilitates human trafficking and exploitation. Short-term rentals priced between $800 and $2,000, while long-term arrangements can cost from $20,000 to $60,000 or more.…

Threat Actor: DeathNote Hackers
Victim: ABS-CBN
Price: Not disclosed
Exfiltrated Data Type: Session cookies, credentials, login URL

Key Points:

The breach targeted ABS-CBN’s cloud-based operations managed via Amagi, a SaaS platform for broadcasting. Multiple ABS-CBN channels were affected, including Kapamilya Dagupan, TFC EU, and others across various regions.…

Threat Actor: ProtonMail
Victim: Users of ProtonMail
Price: Free
Exfiltrated Data Type: Email address validity, creation date, public key

Key Points:

ProtonMail provides an API to verify email addresses and retrieve their creation dates. Users can convert Unix timestamps into standard date formats using online converters.…

Threat Actor: Deathnote Hackers
Victim: Sablan Municipality
Price: Not disclosed
Exfiltrated Data Type: Sensitive municipal data

Key Points:

The breach impacted the official website of a municipal government in Benguet, Philippines. Deathnote Hackers claimed responsibility for the attack, exploiting vulnerabilities in the Government Web Hosting Service (GWHS).…

Threat Actor: DeathNote Hackers
Victim: E-Government Philippines
Price: Not disclosed
Exfiltrated Data Type: Potential sensitive data access

Key Points:

The breach occurred on August 10, 2024, through an unrestricted file upload vulnerability. DeathNote Hackers uploaded a defacement page to highlight the security flaw.…

Threat Actor: LeonelSecurityTeam
Victim: JC Premiere Philippines
Price: Not disclosed
Exfiltrated Data Type: Personal information (full names, home addresses, contact numbers, email addresses, identification numbers, card numbers)

Key Points:

Data breach affects approximately 300,000 users. Highly sensitive information, including identification cards, was compromised.…

Threat Actor: hackmenot123
Victim: Doon
Price: ₱50,000
Exfiltrated Data Type: Personal Information, Government Identifiers, Nationality, and Photos

Key Points:

The breach involves sensitive personal information including full names and birth dates of users. Exposed government identifiers include driver’s license numbers, expiration dates, and serial numbers.…

Threat Actor: post
Victim: Manila Health Department
Price: $150 (negotiable)
Exfiltrated Data Type: Patient and employee records

Key Points:

Over 16,000 patient records and more than 800 employee records were compromised. The data includes sensitive information such as full names, contact details, medical histories, and treatment details for patients.…

Threat Actor: BitBanish
Victim: La Salle University
Price: Not disclosed
Exfiltrated Data Type: Personal and academic information

Key Points:

On July 18, 2024, La Salle University in Ozamiz, Philippines, suffered a data breach affecting over 92,000 records. The breach involved the university’s Registrar System, compromising sensitive personal and academic details.…

Threat Actor: 16-year-old hacker
Victim: Philippine government and educational institutions
Price: Not specified
Exfiltrated Data Type: Login credentials and sensitive data

Key Points:

The suspect is a 16-year-old boy from General Santos City, Philippines. He was taken into custody by the Philippine National Police’s Anti-Cybercrime Group (PNP-ACG) for hacking multiple government and educational websites.…

Threat Actor: DeathNote Hackers
Victim: Department of Education
Price: Not specified
Exfiltrated Data Type: Not specified

Key Points:

Data breaches were the most frequent incident type, impacting various sectors including government agencies, educational institutions, corporations, and health-related organizations.…

Threat Actor: Russian nationals
Victim: Coins.ph
Price: Millions of dollars worth of digital assets
Exfiltrated Data Type: Cryptocurrency

Key Points:

Two Russian nationals, Sergey Medvedev and Igor Tsvetkov, former employees of Coins.ph, have been indicted for hacking and stealing millions of dollars worth of digital assets.…

Threat Actor: Unknown
Victim: Nokia
Price: Not specified
Exfiltrated Data Type: Personal information of employees (first and last names, job titles, company names, email addresses, phone numbers, and additional professional details)

Key Points:

Nokia, a leading telecommunications company, has allegedly suffered a data breach that has potentially exposed the personal information of over 7,600 employees.…

Threat Actor: Sp1d3rHunters
Victim: Ticketmaster
Price: $2 million
Exfiltrated Data Type: Barcodes for Taylor Swift’s ERAS Tour concerts

Key Points:

Sp1d3rHunters, a cybercriminal group formed from ShinyHunters and Sp1d3r, has leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour concerts in Miami, New Orleans, and Indianapolis.…

Threat Actor: chengyi
Victim: Philippine Ministry of Foreign Affairs (DFA)
Price: The price for the compromised emails is not mentioned in the article.
Exfiltrated Data Type: Confidential emails, including schedules and diplomatic correspondences between high-ranking officials.

Key Points:

A threat actor named chengyi posted on a dark web forum offering Philippine Ministry of Foreign Affairs emails for sale.…

Threat Actor: WebSpid3rs
Victim: Moonton/ByteDance
Price: $300,000
Exfiltrated Data Type: Game source code, IP and password data, employee credentials, domain controller dumps, server and network configurations, cloud and customer data, documentation and frameworks, server configurations and codes, client and customer data, other critical data

Key Points:

Data breach involving Moonton/ByteDance. Threat actor WebSpid3rs leaked mid-level data and demanded payment. Crimson from WebSpid3rs is selling a comprehensive set of data for $300,000.

A Massive Data Breach at Moonton/ByteDance

Manila, Philippines – On June 2, our team received multiple reports of a data breach involving ByteDance.…


Threat Actor: KryptonZombie
Victim: GCash KYC System
Price: Not specified
Exfiltrated Data Type: Mobile numbers, IDs used for Know Your Customer (KYC) processes, GSave account numbers linked to phone numbers, signatures, and selfie IDs

Key Points:

An alleged data breach on the GCash KYC System was reported, attributed to the Philippine Statistics Authority and carried out by threat actor KryptonZombie.…

Threat Actor: HulkSec Philippines
Victim: World of Fun
Price: Not specified
Exfiltrated Data Type: Personal information, sensitive details, information on company’s branches and users’ registration dates

Key Points:

An alleged data breach has been reported for World of Fun, an amusement center chain in the Philippines.…

Threat Actor: N/A
Victim: Julian Assange
Price: N/A
Exfiltrated Data Type: N/A

Key Points:

Julian Assange has been released from Belmarsh maximum security prison after being held for 1901 days. His release was granted by the High Court in London and he was released at Stansted airport.…

Threat Actor: MoonzHaxor
Victim: Indonesian Fingerprint Identification System (INAFIS)
Price: Not specified
Exfiltrated Data Type: INAFIS face member data, fingerprint member data with email addresses, INAFIS Spring Boot application, and its database configuration properties

Key Points:

A potential data breach has been detected involving the Indonesian Automatic Fingerprint Identification System (INAFIS).…

Threat Actor: Unknown
Victim: Toyota Motor Philippines
Price: Not specified
Exfiltrated Data Type: Customer information, vehicle records

Key Points:

A user known as “inchworm” claimed to have obtained 66,241 records from multiple Toyota dealerships in the Philippines. The compromised data includes customer information such as names, emails, addresses, and phone numbers, as well as detailed vehicle records.…