PSA probes data breach: What’s affected, what’s not


The Philippine Statistics Authority (PSA) on Wednesday said it had investigated a reported data breach of its systems for the national ID project and civil registration, assuring the public that both were not compromised. The PSA, however, said its Community-Based Monitoring System (CBMS) had been affected and that it was still assessing the kind of personal data that may have been exposed. The agency uses CBMS to generate data at the local level to form a basis for targeting households in the planning, budgeting and implementation of the government’s social programs. “The PSA strongly condemns this activity and we will be working with all law enforcement agencies to apprehend the perpetrators,” the agency said in a statement. A breach notification was sent to the National Privacy Commission (NPC) as early as 6 p.m. on Tuesday, setting off initial assessments, the NPC said on Wednesday. The investigation was launched in response to social media posts last week about a supposed data breach involving a PSA-run system. “The agency is taking additional preventive and containment measures to ensure the security and integrity of all systems and databases that it manages, including shutting down and isolating the system known to have been affected,” the PSA said. ‘Raise awareness’ “The PSA warns the public that social media posts with the alleged sample data include links that contain malware that may be used by cybercriminals and bad actors to perpetuate other illicit acts. Therefore, the public is strongly advised not to click on such links,” it added. The online group Deep Web Konek said it had monitored activities on social media claiming connection to the PSA breach. It said a Facebook user had posted a sample of the leaked data but that its apparent aim was not to expose sensitive information but just raise awareness on how vulnerable the government statistics agency has become to cyberattacks. In a post on X (formerly Twitter), data analyst Dominic Ligot said the leaked data dump had files with 42 billion rows containing identification cards and other sensitive information. A row refers to a single group of related data within a table. The reported PSA leak came on the heels of a data breach at the Philippine Health Insurance Corp. (PhilHealth), where the NPC last week reported the theft and leakage of a “staggering” 730 gigabytes (GB) worth of data. Guidelines on fake IDs The NPC on Wednesday issued

Read more at : inquirer

Disclaimer : We make no assurance about the completeness and accuracy of the content of this website. All news on this website is collected from various sources hence information may or may not be true. Money Nations does not verify the reliability of the content published. We do not accept any accountability for loss or damage occurred as a result of reliability on the content of this website.