Over 1 million records from NBI, PNP, other agencies leaked in huge data breach

[Kingpin]

I guess they don't like the word 'hack'

Quote

 

MANILA, Philippines — A total of 1,279,437 records from law enforcement agencies, including police employee records, were left exposed in a massive data breach, according to a report published by cybersecurity research firm VPNMentor on Tuesday.

The breach was of an unprotected database containing 817.54 gigabytes of both applicant and employee records under multiple state agencies, including the Philippine National Police (PNP), National Bureau of Investigation (NBI), Bureau of Internal Revenue (BIR), Special Action Force Operations Management Division, and Civil Service Commission.

Exposed records include personal information such as fingerprint scans, birth certificates, tax identification numbers (TIN) and tax filing records, educational transcript records, and passport copies.

https://cebudailynews.inquirer.net/499546/over-1-million-records-from-nbi-pnp-other-agencies-leaked-in-huge-data-breach

 

 

 

[BrettGC]

Interesting language indeed... They state "including" which would lead us to believe that more than the listed agencies are affected.

[Jollygoodfellow]

But then it says,

Quote

ACG Public Information Officer Capt. Michelle Sabino told INQUIRER.net that the group has yet to validate the research firm’s report.

 

 

[Old55]

3 minutes ago, Jollygoodfellow said:

But then it says,

 

How do you say "Cover Up" in Filipino?

[JJReyes]

The database has been breached.  How do you monetize it?  If you try to sell it to governments like China and the United States, they will laugh.  They probably already have copies.  

[BrettGC]

7 hours ago, JJReyes said:

The database has been breached.  How do you monetize it?  If you try to sell it to governments like China and the United States, they will laugh.  They probably already have copies.  

Whoever did the hack will then post an ad on the dark web selling the data to whoever can use it for whatever they like.  Recent example was in Australia where some companies where hacked and the hackers held the companies to ransom with threat of the data being released on the dark web.  When the time expired, they released the data.  

Identity theft is the goal of anyone that purchases the information.

[JJReyes]

3 hours ago, BrettGC said:

Whoever did the hack will then post an ad on the dark web selling the data to whoever can use it for whatever they like.  Recent example was in Australia where some companies where hacked and the hackers held the companies to ransom with threat of the data being released on the dark web.  When the time expired, they released the data.  

Identity theft is the goal of anyone that purchases the information.

I can understand hacking corporate databases and having them pay ransom.  This hack is Philippine government data.  It would be difficult getting paid.  Identity theft is a different matter.  Hopefully they catch the thieves.  

[hk blues]

2 hours ago, JJReyes said:

I can understand hacking corporate databases and having them pay ransom.  This hack is Philippine government data.  It would be difficult getting paid.  Identity theft is a different matter.  Hopefully they catch the thieves.  

The article clearly states what types of information was breached - it's personal information that quite clearly can be useful in identity theft.  

[BrettGC]

6 hours ago, JJReyes said:

I can understand hacking corporate databases and having them pay ransom.  This hack is Philippine government data.  It would be difficult getting paid.  Identity theft is a different matter.  Hopefully they catch the thieves.  

So you don't believe there's personal information on any of the databases that were compromised? BIR for a start, and given the wording there's more that aren't listed in the original article. 

Any data relating to any individual is exploitable and contributes to a bigger picture.  The organisations that perform these attacks, whether criminal or state sponsored, sit there 24/7 compiling data, cross-referencing and matching individuals to build that bigger picture.  They're even watching social media in case someone makes a slip.  It's a an organised industry all by itself.  This is not conjecture on my part; take it from someone that lived this daily, exploiting foreign intelligence targets' so-called "secure" information, targeting at both the individual and organisational levels while some of my colleagues were countering the same.   

I left that environment in 2007 and both government and criminal organisations had some very powerful tools to achieve their ends even then; I can only imagine how much they've progressed in the intervening 15+ years. You have to remember that for every government employee trying to counter these threats, there's someone else that's paid a lot more to breach their defences.  

Edited April 20, 2023 by BrettGC

[JJReyes]

A follow-up article indicates that the hack has not been confirmed.  Part of the protocol is to have a trusted neutral party verify how the information was obtained.  Perhaps we need to wait to see what happens next.