Hundreds of thousands of documents from the Office of Solicitor General, including some that hints of a possible investigation on some opposition figures, had been leaked in a massive data breach, according to a British cybersecurity firm.
MORE than 345,000 documents from the Philippines’ Office of the Solicitor General (OSG) had been leaked, following a data breach last month.
According to British cybersecurity firm TurgenSec Ltd., the documents were accessible to anyone with a browser and internet connection until April 28, 2021.
These files included staff training documents, staffing payment information, financial processes and audits, and internal passwords and policies.
Several hundred files made available to the public reportedly included sensitive keywords in its titles, such as “confidential,” “witness,” “password,” and “private.”
There were a total of 165 labeled “private,”108 containing the keyword “witness,” 28 that read “confidential,” 27 that had “password,” and five that mentioned “strategy.”
In terms of sensitive topics, 753 were on the “opposition,” with 63 labeled “Pangilinan,” although it could not be clarified if these were pertaining to Senator Francis “Kiko” Pangilinan, head of the Liberal Party.
However, the Department of Justice (DOJ) said it has not received "official information" regarding the leakage of documents.
It did assure the public that assistance would be given to OSG should the breach be confirmed.
“I understand that the OSG is now looking into this alleged data breach. The DOJ has not received any such information through official channels but will be ready to assist the OSG, if necessary,” Justice Secretary Menardo Guevarra said.
It was also confirmed that a third party has this data, and more malicious actors could most likely have it as well and this fact could be damaging to the country if steps are not taken to address the issue.
TurgenSec e-mailed both the Solicitor General and the Philippine government on March 1 and 24, but they did not receive any response.
The lack of urgency from the part of the Office of the Solicitor General is alarming, as if the country’s national security isn’t at stake.
With such sensitive information now in the hands of anonymous actors, it could pose a huge threat to the already-struggling country amid the Covid-19 pandemic.
The matter should be taken seriously by the government before it gets worse as cyber criminals could do something with the information that was easily available on the internet. (MO)
Tags: #OfficeOfTheSolicitorGeneral, #databreach, #internetsecurity