On October 7, 2023, the Philippine Statistics Authority (PSA) acknowledged reports of an alleged data breach involving one of its systems, according to an official statement signed by Undersecretary Claire Dennis S. Mapa, the National Statistician and Civil Registrar General. The PSA has initiated an investigation in coordination with several national agencies.
Following the posting of the alleged data leak by an unidentified actor on social media, the PSA said immediately activated its Data Breach Response Team (DBRT). The agency said is also closely working with the Compliance and Monitoring Division of the National Privacy Commission (NPC), the National Computer Emergency Response Team-Philippines (NCERT-PH) from the Department of Information and Communications Technology (DICT), and the Anti-Cybercrime Group of the Philippine National Police (PNP).
Numerous posts have circulated on social media regarding a possible data breach at the Philippine Statistics Authority. After PSA said it will prove the incident, more contents have been posted, including on social media site Reddit:
PSA Data Leak: Breach Bigger than Philhealth? byu/earljohnm inPhilippines
Limited Impact on Community-Based Monitoring System
Based on preliminary assessments, the PSA said it identified the Community-Based Monitoring System (CBMS) as the system potentially affected by the breach.
The agency is currently evaluating the extent of compromised personal data within the CBMS and has pledged to share the details with relevant authorities and the public as soon as possible.
As a preventive measure, the PSA has isolated and shut down the system known to be affected to safeguard the integrity of its other databases.
Assurance on Core Systems
The PSA assured the public that key systems, including the Philippine Identification System (PhilSys) and the Civil Registration System (CRS), have not been impacted by the alleged breach.
Public Warned Against Malware Links
The PSA has also issued a warning against clicking on social media links that purport to show sample data from the alleged breach, stating that these links contain malware that could be exploited by cybercriminals for illegal activities.
Condemning the unauthorized activity, the PSA said it is committed to work with law enforcement agencies to apprehend the individuals responsible for the alleged data breach.
The agency also said it is committed to ensuring the integrity and confidentiality of the data it collects through various channels, including surveys, censuses, PhilSys, and CRS.
The news has caused some negative reactions on social media, considering that PhilHealth, another government agency, just recently became a victim of ransomware.
This story is developing and will be updated as more information becomes available.
This article is published on BitPinas: Philippine Statistics Authority Issues Statement on Alleged Data Breach
Before investing in any cryptocurrency, it is essential that you carry out your own due diligence and seek appropriate professional advice about your specific position before making any financial decisions.
BitPinas provides content for informational purposes only and does not constitute investment advice. Your actions are solely your own responsibility. This website is not responsible for any losses you may incur, nor will it claim attribution for your gains.