‘Data breach’ reportedly exposes 345K sensitive SolGen documents

CNN – Published and Updated May 3, 2021 6:01:00 PM

Metro Manila — The Office of the Solicitor General of the Philippines suffered an alleged “data breach”, making some 345,000 sensitive documents accessible to the public for at least two months, London-based security firm TurgenSec said.

According to TurgenSec, it informed the Philippine government in March, but the latter did not acknowledge its emails.

The breach—which allowed anyone who had an internet connection to access the files—was closed on April 28, the security firm added.

However, the company stressed “this data breach is particularly alarming as it is clear that this data is of governmental sensitivity and could impact on-going prosecutions and national security.”

The breach “contained hundreds of thousands of files” of the OSG, several hundreds of which were titled with “private”, “confidential”, “witness”, and “password”, the firm said in a statement posted on its website late last week.

The documents also included sensitive topics: drug (271), abuse (123), rape (774), child (143), trafficking (135), execution (437), NICA/intelligence (10), terrorism/terrorist (30), quarantine (29), COVID (28), weapon (48), Duterte (6), Pangilinan (63), opposition (753), nuke (1), military (4).

“The nature of these documents is of particular concern as it may have the potential to disrupt/undermine on-going judicial proceedings,” TurgenSec said.

“An unknown third party has this data and it is likely now in the hands of malicious actors who could do considerable damage with it if mitigation steps are not taken,” it said.

Late on Monday, the OSG said while it notes the responsible disclosure procedure of TurgenSec, it “shall respond appropriately only after a proper verification has been undertaken as to the accuracy and veracity of these alleged data breaches.”

“Finally, the OSG assures the public that all necessary steps have been put in place in order to protect the confidential and sensitive information contained in its submissions before the courts of justice,” said the OSG in a statement.

Justice Secretary Menardo I. Guevarra, on the other hand, refused to provide comments when sought on Monday.

“We’ll reserve our comments till the OSG has done its internal investigation,” he said in a mobile phone message.

SOURCE: https://www.cnnphilippines.com/news/2021/5/3/-Data-breach–reportedly-exposes-345K-sensitive-SolGen-documents-.html?fb

WP2Social Auto Publish Powered By : XYZScripts.com