No evidence yet of gov’t data leak – NPC | Inquirer News
1.2M records exposed

No evidence yet of gov’t data leak – NPC

By: - Reporter / @dexcabalzaINQ
/ 05:46 AM April 23, 2023

The personal data of police officers and applicants, including this screenshot of a redacted police clearance certificate, became accessible to the public for weeks, says Jeremiah Fowler of cybersecurity tracker vpnMentor. STORY: No evidence yet of gov’t data leak – NPC. STORY: No evidence yet of gov’t data leak – NPC

SENSITIVE RECORDS | The personal data of police officers and applicants, including this screenshot of a redacted police clearance certificate, became accessible to the public for weeks, says Jeremiah Fowler of cybersecurity tracker vpnMentor. (CONTRIBUTED PHOTO)

MANILA, Philippines — Amid ongoing investigations, there is no “concrete evidence” yet that more than 1.2 million records from several government agencies were leaked, according to the country’s privacy regulator.

But the National Privacy Commission (NPC) agreed with the findings of a cybersecurity researcher who first reported the possible breach since government data had been left unprotected.

Article continues after this advertisement

“At this point, we still have no concrete evidence that indeed 1.2 million records [were] leaked. What we know now is that it was left exposed,” lawyer Michael Santos, chief of NPC’s complaints and investigation division, said in an interview on ANC on Friday.

FEATURED STORIES

In a statement, NPC Commissioner John Henry Naga, however, assured that there were no breaches in the systems of the National Bureau of Investigation, Civil Service Commission (CSC), and Bureau of Internal Revenue (BIR).

The NBI, CSC, and BIR conducted vulnerability tests and found no breaches in their systems.

Article continues after this advertisement

The Philippine National Police, however, requested more time to validate and review its systems for possible security compromise.

Article continues after this advertisement

Santos said the NPC would conduct an “onsite investigation” on the concerned data processing system of PNP on Monday.

Article continues after this advertisement

Cybersecurity researcher Jeremiah Fowler, who reported the data breach, was also summoned by the commission on Friday to help in its investigation.

“We expect first to be let into the data processing centers of the PNP to inspect their systems, to check their logs and to match data if indeed they are the ones collecting that information,” Santos said.

Article continues after this advertisement

“If there’s a match, we could possibly identify if indeed it was the processing systems of the PNP that were left exposed. And in the process we will verify if the exposed database was indeed leaked,” he added.

Santos said that after an initial look at the documents in the exposed database, the NPC is looking at the possibility that the breach “could be related to [the PNP’s system handling] job applications or job recruitment.”

“The recent allegations of a data breach involving law enforcement agencies in the country should serve as a reminder that no organization, not even the government, is immune to the threat of cyberattacks,” Naga said in a statement.

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

The National Computer Emergency Response Team, a division under the Cybersecurity Bureau of the Department of Information and Communications Technology, is also investigating the breach.

RELATED STORIES

Over 1M records from NBI, PNP, other agencies leaked in massive data breach

Senate probe into alleged data breach in gov’t agencies sought

PNP seeks more time to confirm alleged data breach

TAGS: government data leak, National Privacy Commission

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.