Tuesday, February 18, 2025

Report claims NBI hit by massive data breach

A report published on Sunday, Jan. 19, by cybersecurity news blog kukublanph has claimed that the online database of the National Bureau of Investigation (NBI) was pilfered, leading to a massive data breach.

Newsbytes.PH has not been able to independently confirm the breach report.

But according to the blog site, a threat actor using the alias “Zodiac Killer” has claimed responsibility for the leak, which allegedly contains sensitive personal information, financial transaction records, and other personal data.

“The breach, reportedly over 3.6 GB in size, is said to include more than 45 million rows of data from 2016-2024. Files posted on dark web forums suggest the leaked database contains full names, addresses, transaction IDs, contact information, and detailed location data of individuals. Password-protected files shared by the threat actor to potentially highly sensitive NBI records,” the report said.

The blog site noted that individual behind the attackis a new player in the dark Web community, with their account created in January 2025.

“The hacker’s profile includes only one thread — this breach — suggesting they may have orchestrated this attack specifically to target the NBI. In the post, the hacker claimed to have compressed the files and provided multiple download links on file-sharing platforms like Mega.nz,” the report said.

The leaked data, the report added, appears to include detailed records from the NBI’s system.

Specifically, it seems the breach targeted systems linked to NBI clearance applications or financial transactions. Key data fields include:

  • Full names
  • Addresses (street, barangay, city, and province)
  • Transaction IDs and dates
  • Purpose of the clearance application
  • Contact information

“This level of detail strongly suggests the breach exposed a system handling clearance issuance, background checks, or financial transactions tied to the NBI,” the report said.

“If verified, this breach could have far-reaching consequences for the privacy and security of millions of Filipinos. NBI clearance data is often used for employment, travel, and legal purposes, and its exposure may lead to identity theft, fraud, and other forms of cybercrime.”

So far, the NBI has not released any statement regarding the breach.

Subscribe

- Advertisement -spot_img

RELEVANT STORIES

spot_img

LATEST

- Advertisement -spot_img