Amid reports of an alleged personal data leak, the Department of Information and Communications Technology (DICT), through the Philippine National Computer Emergency Response Team (NCERT) of the DICT Cybersecurity Bureau, has doubled down on its investigation on the matter.

The NCERT started its investigation on the alleged breach after receiving links to an Azure blob storage containing sample photos of IDs, including PNP and National Bureau of Investigation (NBI) clearances, from a security researcher last February 22 2023.

The security researcher did not disclose to NCERT the source of the data and what information asset was compromised. Further, the information sent by the security researcher is identical to what was reported by Jeremiah Fowler and which has since been credited by recent news reports.

The NCERT provided an incident report regarding the alleged breach to both the PNP and the NBI between March 3-23.

The DICT considers the incident as a grave concern that threatened the confidentiality, integrity, and privacy of user data. The Department assures the public that investigation on the matter is underway.

The Department would also like to remind all government agencies to increase its cybersecurity measures and to coordinate with the DICT for further capacity building in this area. Cybersecurity should be a concerted effort of everyone and all agencies are encouraged to seek assistance to help secure their respective cyber assets. DICT