Cybersecurity group reports possible leak of PH IDs on ‘dark web’

Cybersecurity group reports possible leak of PH IDs on 'dark web'
Photo from Deep Web Konek’s Facebook page

MANILA, Philippines —  A cybersecurity group has raised concern over an alleged leak of Philippine identification cards on the so-called dark web, indicating yet another government data breach.

Deep Web Konek reported on its Facebook page that the exposed Philippine identification cards were posted on a dark web hacker forum named “152GB of Philippine Citizen Identity Card Sample.”

The post even contains a URL linked to a Telegram group that allegedly holds the data, according to Deep Web Konek.

Since the supposedly leaked information were Philippine identification cards, the group said it creates an assumption that the files were taken from a government data repository such as the Philippine Statistics Authority (PSA).

“But without information regarding their contents, no one can determine where it came from apart from the perpetrators of the data leak themselves,” Deep Wen Konek said Wednesday.

READ: Philippine Cybersecurity: How the country beats digital threats

Deep Web Konek likewise noted that they checked the Telagram group, but found no such data exists there, and that it had “no trace of it being there,” aside from a message saying the dossier would be re-uploaded.

“But before the alleged group posted it, other Telegram groups that acquired copies of it reposted the leaks only with missing parts,” it added.

The already leaked files only contain 20 gigabytes (gb) of unextracted data, far from the 152 gb claimed by threat actor KryptonZambie, Deep Web Konek pointed out.

In a media briefing on Thursday, Department of Information and Communications Technology (DICT) Assistant Secretary Renato Paraiso said they are still waiting for confirmation from the PSA regarding the alleged leak.

READ: Bolster cybersecurity measures, gov’t, private sector urged

“In this case with PSA, wala pa kaming nakukuhang response from PSA po,” Paraiso said.

(In this case with PSA, we have not yet received a response from them.)

INQUIRER.net has tried reaching out to the PSA for a comment, but it has yet to respond as of writing.

The DICT disclosed on Wednesday, April 3, that hackers illegally gained access to the network of the Department of Science and Technology (DOST), compromising 2-terabyte worth of data, including research plans, designs and schematics.

On Thursday morning, the DOST said it has partially regained access to its network.

Read more...