Alleged LMS Data Breach Exposes UP Tacloban Students’ Information
By: UndeciDev | Team Member
A threat actor using the alias “jamesyu” has claimed to be selling data from the Learning Management System (LMS) of a prestigious university in the Philippines. The post advertised access to sensitive student information, including full names, e-mail addresses, degree programs, city locations, interests, and even profile pictures.
According to the actor, the dataset can also be leveraged to generate institutional e-mails by following a strict format. Further communication with the threat actor revealed that sample data was provided for verification, and the actor asserted the dataset contained more than 1,600 rows. An analysis of this data indicates that the breach involves the LMS platform of the University of the Philippines (UP) Tacloban.
The exposed information includes student names, official university e-mail addresses under the @up.edu.ph domain, degree programs, department affiliations, and profile image links hosted directly on the official LMS domain (lms.uptacloban.edu.ph). Examples from the dataset show records of students from BA Psychology and BA (Social Sciences) Political Science programs, with entries reflecting Tacloban City and Balangiga as listed locations.
If confirmed, this breach would represent a serious privacy risk for students whose academic and personal details are exposed online, with potential implications for phishing, identity misuse, or unauthorized account access. As of now, there has been no official statement from the university regarding the alleged breach.
