Another day, another reported data breach at a national agency. This time, the latest cyberattack victim is the Philippine Statistics Authority (PSA), the office that’s supposed to lead primary data collection in the country. They are in charge of important documents like birth certificates, marriage certificates, and death certificates, among others.

The PSA, which admitted to the potential cyberattack on its systems Wednesday, is not even sure of the severity of the situation. An initial assessment concluded that any breach could be limited to the PSA’s Community-Based Monitoring System (CMBS).

The CBMS is “an organized technology-based system of collecting, processing and validating necessary disaggregated data that may be used for local planning, program implementation, and impact monitoring while empowering communities to participate in the process,” according to the PSA.

The office is now assessing what personal data from the CBMS may have been compromised. It did insist that the Philippine Identification System (PhilSys), the government’s central identification platform, and the Civil Registration System (CRS) were not affected.

However, there are already various online posts that showed blurred photos of IDs and large amounts of data that supposedly came from a PSA database breach, Rappler reported. One such post that was shared as early as Saturday was what tipped the PSA of the alleged data leak, according to the government agency.

In addition to launching its investigation into the alleged breach, the PSA has also approached the Compliance and Monitoring Division of the National Privacy Commission, the National Computer Emergency Response Team-Philippines (NCERT-PH) of the Department of Information and Communications Technology (DICT), as well as the Anti-Cybercrime Group of the Philippine National Police (PNP).

The potential cyberattack on the PSA comes after a Medusa ransomware breach on the Philippine Health Insurance Corporation (PhilHealth) may have affected millions of members.

Authorities have warned that downloading any leaked PhilHealth files could result in jail time.