The hacktivist group Deathnote Hackers International has claimed responsibility for the leak of roughly 445,000 entries from Philippine Amusement and Gaming Corporation (Pagcor)’s National Database of Restricted Persons (NDRP).
On Tuesday morning, Sept. 2, actor Klammer from the group Deathnote Hackers (DNH) claimed to have released portions of the NDRP related to government officials online through a hacker forum. The data was said to have been obtained through a scraping attack.
In the leak announcement, DNH stated that “a trusted intel suggests that… The National Database of Restricted Persons (NDRP) actually refers to a list compiled and updated by Pagcor of individuals who are prohibited from entering or playing in specific Pagcor-authorized gaming premises in the Philippines. The majority on the list are government employees or elected officials, since they are strictly banned this includes police officers and others in government service. [T]he list is assorted (sic) in a way that suggests there is still a possibility some people on it might gamble and addicted (sic).”
Klammer also stated “Pagcor, let’s call it what it is: you are an enabler of addiction, whether you like it or not ☺”
Pagcor said in its website that the NDRP is a computerized database of persons who are restricted from playing in gambling establishments, such as government officials. It is operated and regulated by Pagcor nationwide and is accessible online to authorized representatives of gaming operators.
According to Ma. Vina Claudette Oca, Pagcor assistant vice president for the Gaming Licensing and Development Department (GLDD), the NDRP is not a database of gambling addicts. It is a database that contains over 560,000 names, mostly elected officials sourced from the Department of the Interior and Local Government (DILG) website.
Oca stated that “the names on the list are not necessarily addicted gamblers; most are government officials who, by law, are not allowed to enter gambling establishments, thus their inclusion in the NDRP.”
She also said that “there are also 1,711 banned persons in the NDRP. These are individuals who have been subject to requests for self-exclusion, family exclusion or exclusions initiated by our licensees, but they are not necessarily addicts or government officials.”
According to the leak description by DNH, the data dump contains 4,007,887 lines. This would equate to about 445,000 entries based on the JSON data structure in a screenshot. A netizen noted that the database entries had ended with surnames starting with the letter “R”.
According to Klammer, the database entries maxed out at 490,000, and that Pagcor servers could not handle his scraper. He also mentioned that the servers slowed down badly, threw SSL errors, and cut off late exfiltration.
It was also stated that the leak contained the following details: memo circular number, last name, first name, middle name, birth date, position, and agency.
Netizens are advised to refrain from visiting links in the breach announcements as they may contain malware. Downloading leaked data may also constitute a cybercrime under Philippine laws.
