Manila, Philippines – Last May 30th, 2024, a cyberattack targeted the 31 government and private entities across the Philippines, resulting in a massive data breach. The attack claimed by the hacker group known as DeathNote Hackers, compromised personal and official information from a wide range of entities, including local government units, educational institutions, and associations.
Affected Organizations
One of the greatly affected is Barangay Almangugan in San Vicente, Palawan. The actor exposed the barangay’s ID card system, exposing personal data such as birth dates, contact numbers, blood types, and household details of over 1,000 residents. The leaked information included photographs and emergency contact details, posing serious privacy risks.
The Commission on Higher Education (CHED) RO9 and NCR was also compromised. The actors accessed procurement documents and lists of Higher Education Institutions (HEIs), as well as the personal information of approximately 14,000 students. The exposed data included names and academic details with NCR included but yet to know the extent of the breach.
The Automobile Association Philippines (AAP) also included and experienced a breach affecting around 9,000 members. The threat actors obtained personal addresses, family references, and travel destination details. This breach is particularly alarming due to the potential for misuse of such detailed personal information.
The Bureau of Customs’ Balikbayan Box Tracker System compromised data includes sensitive details such as user IDs, bill of lading numbers, broker information, examination results, port codes, violation details, vessel information, container numbers, and email addresses of brokers and consignees. Last April, the said agency was also breached by the same threat actors.
The breach highlights weaknesses in the digital security frameworks of many Philippine organizations. The exposed data places individuals at risk of identity theft and other forms of fraud. Authorities and cybersecurity experts recommend that affected individuals monitor their accounts closely and change their passwords. Organizations are urged to conduct thorough security reviews and implement stronger encryption and data protection measures to prevent future incidents.