Alleged Personal Data of Philippine Lawmakers and Staffs Exposed in Underground Forum Leak”
The Cybersecurity Division of Deep Web Konek (DWK) is investigating an alarming incident involving a potential data breach of the Congress and Senate of the Philippines.
According to an underground forum post by a threat actor using the alias “SentinelX”, the leak contains the personal identifiable information (PII) of lawmakers and staff from the 19th Congress.
Initial screenshots reviewed by the team show a file named “Congress.json”, which appears to hold detailed profiles of legislators, including both elected members of the House of Representatives and their direct staff. Based on DWK’s early analysis, the compromised dataset includes:
1. Full names of lawmakers and staff members
2. Birth dates and birthplaces
3. Sex and political party affiliation
4. Congressional districts, room assignments, and office details
5. Email addresses (both official and personal)
6. Landline numbers and cellphone numbers
7. Staff information such as chiefs of staff and appointment secretaries, with corresponding contact details
https://iili.io/K0p4I6J.png
https://iili.io/K0p6Aiu.png
One record, for example, lists a lawmaker’s birthdate, district assignment, party affiliation, office room number, landline, and personal Gmail address, alongside the personal cellphone number and Yahoo account of his chief of staff. Another entry shows the name, number, and Gmail address of an appointment secretary, underscoring the breadth of the breach.
The forum post emphasizes that the leak includes “all Senators and Congressman/woman of the Philippines including the PII of their staff”. Access to the full dataset was hidden behind a locked paywall mechanism, requiring users to either interact with the thread or upgrade their membership to download the files.
Based on DWK’s preliminary findings, the compromised data is tied specifically to lawmakers of the 19th Congress of the Philippines, covering those who were elected or serving during this term.
The DWK Cybersecurity Division has already informed the concerned authorities about the alleged breach to ensure that proper incident response and mitigation steps are taken immediately. While the scope of the breach is still being validated, the presence of both official and personal communication channels raises questions about how the data was stored, secured, and ultimately compromised.
DWK has flagged this incident as a critical security concern and will continue to investigate the full extent of the exposure.
Updates will be released as soon as more details are verified.
