Filtered By: Topstories

Senate urged to probe reported data breach in PNP, other gov’t agencies

A resolution seeking to launch an investigation into the reported data breach of the database of the Philippine National Police and other government agencies has been filed in the Senate.

Senator Ramon “Bong” Revilla Jr. filed proposed Senate Resolution 573 after a cybersecurity website reported about a supposed leak from the PNP database which possibly compromised 1.2 million records of employees and applicants.

The supposed compromised data include birth certificates, educational record transcripts, diplomas, tax filing records, passports and police identification cards. Copies of fingerprint scans, signatures, and required documents were also found.

These were from different agencies like the PNP, National Bureau of Investigation (NBI), Bureau of Internal Revenue, Special Action Force Operations Management Division,  and Civil Service Commission, among others.

“The alarm raised by these data breaches in government records may lead to potential national security issues,” Revilla said.

“If unabated, the exposed data may lead to nefarious transactions such as criminals taking advantage of the leaked data to blackmail and threaten law enforcers,” he added.

Apart from the recently reported data breach in the PNP, Revilla mentioned similar incidents in the past involving the Department of Foreign Affairs and the Commission on Elections.

He likewise cited reports from Kroll, an independent risk advisory firm, which shared that the Philippines came in second with the most cyberattacks in the Asia Pacific as enterprises in the country are among the most vulnerable in the region to cyberattacks which cause business interruption and even data loss.

Virtual private network service provider, Shurfshar, also reported that the Philippines ranked 23rd out of 25- countries that were most affected by data breaches, with a total of 523,684 leaked accounts in the third quarter of 2022.

“Without reliable and trustworthy cybersecurity measures in place, these reported data breaches remain to have the dangerous potential of exposing individuals to identity theft, phishing attacks, and a range of other  malicious activities, which will ultimately victimize the public. Even worse, government agencies as well as private entities may very well be endangered by the susceptibilities of our cybersecurity if left inadequate,” Revilla wrote in his resolution.

“Data privacy and protection is a matter of national interest, and it is imperative for Congress to enact responsive policies to deter possible data breaches,” he added. — RSJ, GMA Integrated News