DICT: Probe underway on alleged breach of 1.2M records | Inquirer News

DICT: Probe underway on alleged breach of 1.2M records

By: - Reporter / @BPinlacINQ
/ 05:37 PM April 20, 2023

The alleged data breach involving over 1.2 million records of law enforcement agencies is already being investigated by the Department of Information and Communications Technology (DICT). 

INQUIRER.net file photo

MANILA, Philippines — The alleged data breach involving over 1.2 million records of law enforcement agencies is already being investigated by the Department of Information and Communications Technology (DICT).

The government agency on Thursday said its Cybersecurity Bureau and National Computer Emergency Response Team (NCERT) have “doubled down on its investigation on the matter.”

Article continues after this advertisement

“The DICT considers the incident as a grave concern that threatened the confidentiality, integrity, and privacy of user data. The department assures the public that investigation on the matter is underway,” it said in a statement.

FEATURED STORIES

The DICT also called on all government agencies to coordinate with the agency in bolstering their cybersecurity measures.

“Cybersecurity should be a concerted effort of everyone and all agencies are encouraged to seek assistance to help secure their respective cyber assets,” it stressed.

Article continues after this advertisement

An unprotected database containing some 1.28 million identity documents and private records of personnel and applicants of the Philippine National Police (PNP) was exposed online and discovered by cybersecurity tracker vpnMentor in mid-January.

Article continues after this advertisement

READ: For weeks, PNP staff database was exposed – cyber expert

Cybersecurity researcher Jeremiah Fowler said he immediately informed authorities about the alleged massive data breach, but it wasn’t until the second week of March – or at least six weeks later – that public access to the database was removed.

Article continues after this advertisement

According to the DICT, the NCERT started its probe into the alleged data breach after receiving links to an Azure Blob Storage containing sample photos of identification cards, and PNP and National Bureau of Investigation (NBI) clearances from another cybersecurity researcher.

“The said security researcher did not disclose to the NCERT the source of the data and what information asset was compromised,” it noted.

Article continues after this advertisement

The DICT then said the NCERT has since provided an incident report on the alleged data breach to the PNP and the NBI between March 3 to 23.

But the PNP on Wednesday said it “cannot categorically say at this time that there was leaked applicants’ data.”

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

A 2022 study by online marketing firm Reboot Digital PR Services found that the Philippines was the ninth least cybersecure country in Asia. Globally, the country ranked 19th with a cyber danger score of 62.7 out of 100.

RELATED STORIES:

PH cybercrime vulnerability among highest, says cybersecurity firm 

Understanding digitalization: Why PH needs to do more 

JPV
TAGS: breach, data, DICT, Probe

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.