Unbox recently reported on a suspected data breach at the Philippine Statistics Authority (PSA), an attack that the national data collection office claimed likely only affected one of its systems. However, a closer look at the alleged compromised data suggests that other government agencies may have been breached as well.
The PSA learned of a possible breach after an unidentified actor posted download links to files supposedly belonging to the agency on Facebook Sunday, local media outlet Newsbytes.PH reported. In a statement released Wednesday, the PSA claimed that any breach was likely only limited to its Community-Based Monitoring System (CMBS).
The office, which launched its own investigation into the matter and contacted local authorities, also insisted that the Philippine Identification System (PhilSys), the government’s central identification platform, and the Civil Registration System (CRS) were not affected.
But online posts showed blurred photos of IDs and large amounts of data that supposedly came from a PSA database, according to Rappler.
Some of the download links that were published on Facebook seemingly contained data from the Department of Science and Technology’s (DOST) One Expert portal, the web-based nationwide pool of science and technology experts. These files reportedly included full names of the portal’s experts as well as private email addresses.
One of the download links, some of which were found to have contained malware and were hosted on a website that was known for delivering multiple forms of malware, also led to an archive file referring to the Philippine National Police’s (PNP) Forensic Group that may contain sensitive data.
The PNP was among the local agencies the PSA approached following the alleged breach of its systems. The suspected breaches on the PSA, DOST, and PNP were allegedly carried out by a single party, according to data analyst Dominic Ligot. These come after a Medusa ransomware attack on the Philippine Health Insurance Corporation (PhilHealth) that may have affected millions of members.
The suspected breaches on the PSA, DOST, and PNP come after a Medusa ransomware attack on the Philippine Health Insurance Corporation (PhilHealth) that may have affected millions of members. Officials of the National Bureau of Investigation (NBI) have warned that downloading any leaked PhilHealth data could result in a jail sentence under the Data Privacy Act.
