PNP ACG took down their website following a claim on Sunday, March 3, by the hacking group Philippines Exodus Security and Vend3tta from Philippine Cyber Mafia that they had managed to enter PNP ACG's systems and gained access to internal SQL databases.
As reported by vpnMentor earlier this week, cybersecurity researcher Jeremiah Fowler discovered a non-password protected cloud storage database involving Filipino students and parents that contained 210,020 records, with a total size of 153.76 gigabytes.
A subdomain of the Armed Forces of the Philippines (AFP) website that appeared to be related to the Office of the Command Inspector General (OCIG) of the Communications, Electronics and Information Systems Service (CEISSAFP) was reported by the group Deep Web Konek to have been defaced Monday afternoon, Nov. 13.
A test subsite related to the ICT Literacy and Competency Development Bureau (ILCDB), the division of the Department of Information and Communications Technology (DICT) that develops, promotes, and implements ICT literacy and competency in the country, was detected to have been defaced by hackers in the early hours of Tuesday, Oct. 24.
Just before midnight on Sunday, Oct. 14, an individual with the handle DiabloX entered an ongoing X.com (Twitter) Space that was discussing the recent hackings on Philippine government agencies and spoke to listeners. According to him, it was alright that his words be recorded as it was his last “play” at cyber.
On October 8, Sunday, an actor on Facebook posted download links to data files belonging to the Philippine Statistics Authority (PSA), and potentially the Department of Science and Technology's (DOST) OneExpert system, and the Philippine National Police (PNP) Forensic group.
While it is commendable that PhilHealth is now being transparent about the cyberattack, it is concerning that their DPO and action center utilized email addresses with @gmail.com domains for their official functions.
According to the countdown timer on the Medusa blog on the dark Web, the files they supposedly exfiltrated from PhilHealth's systems will be released on October 3 Philippine time if the $300,000-ransom is not paid in cryptocurrency.