MANILA, Philippines- Masusing iniimbestigahan ngayon ng Department of Information and Communications Technology (DICT) ang lawak ng pinakabagong data breach na bumiktima sa Bureau of Customs (BOC).
Ayon sa cybersecurity group Deep Web Konek, ang 4.5-gigabyte ng BOC datos ay nakompromiso ng hackers na nagpakilala bilang DeathNote Hackers PH, Philippine Hacking University at Excommunicado.
Kabilang sa mga datos ay ang personal information ng mahigit 2,200 empleyado at 80,000 customers, base sa natuklasan ng Deep Web Konek.
“This unauthorized access not only undermines the integrity of the agency’s data infrastructure but also reveals systemic vulnerabilities within its cybersecurity framework,” ang babala ng cybersecurity group.
Sa isang panayam, sinabi naman ni DICT Assistant Secretary Renato Paraiso na bineripika nila ang laki ng data breach subalit base sa kanilang ‘initial findings,’ tumuturo ito sa reporting system ng BOC na naapektuhan ng digital attack.
“The reporting system serves as a communication line among BOC units and the data that were potentially compromised included information about cargo movements being monitored by the government agency,” paliwanag ni Paraiso.
Ani Paraiso, nananatiling may access ang BOC sa network nito sa kabila ng atake at nagawa nitong i-isolate at simulan ang imbestigasyon sa infected systems.
“It’s an infiltration of the system, not an encryption. It is merely an extraction of data,” ayon kay Paraiso.
Sinabi pa niya na bineberipika pa rin nito ang isa pang data breach report ng Deep Web Konek sa potensyal na pagbebenta ng government email domains ng isang nagngangalang “skywwrl.”
Sinabi ng cybersecurity group na “alleged sale of government domain access was brought to attention through a dark web forum with each domain being offered for $100.”
Subalit, binigyang diin ng Deep Web Konek na kailangan pa rin ang karagdagang beripikasyon upang makumpirma ang nabanggit na data breaches.
“I don’t think it is a new hack. It might be the product of a previous hack,” ayon kay Paraiso.
Nito lamang nakaraang linggo, kinumpirma ng DICT na may 2-terabyte na halaga ng datos, kabilang ang research plans, schematics at designs na nabibilang sa Department of Science and Technology (DOST), ang nakompromiso dahil sa cyberattack.
“The attack locked out the DOST, meaning it could not access the compromised data,” ayon sa ulat. Kris Jose
