Quantum Security Group Claims Breach of DepEd Ilocos Norte and Aurora Databases, Exfiltrating Millions of Records
Two regional offices of the Department of Education (DepEd) in the Philippines: Ilocos Norte and Aurora, have reportedly fallen victim to separate data breaches, according to posts made by a threat group calling itself Quantum Security Group on a dark web forum.
https://iili.io/KwnLKEF.png
https://iili.io/KwnLFB1.png
In the first post, titled “PHILIPPINES DEPED ILOCOS NORTE DATA LEAK AND BREACH WITH 3 MILLIONS OF RECORDS,” Quantum Security Group claimed to have successfully breached the DepEd Ilocos Norte system, exfiltrating over 3 million records. The group stated that the attack compromised 17 databases and 155 CSV files, containing what it described as “hundreds of thousands of personal information, PI, and SPI data.”
According to the post, the exposed data allegedly includes:
Personal Information (PI): Names, usernames, email addresses, school names, contact numbers, physical addresses, and job positions.
Sensitive Personal Information (SPI): Birthdates, gender, civil status, TIN numbers, PhilHealth numbers, BP numbers, and educational background.
Quantum Security Group warned the agency to “expect consequences, expect exposure,” and added a taunting message referring to their so-called “DepEd Breached Club.”
In a follow-up post titled “PHILIPPINES DEPED AURORA DATA LEAK OF FULL DATABASE,” the same group announced a separate breach involving DepEd Aurora. The threat actor claimed to have exfiltrated all databases and a backup file from the regional office, calling DepEd Aurora’s system “weak.” The group stated that while it did not delete or corrupt any data during the intrusion, it chose to “leak it” publicly instead.
Quantum Security Group has been actively posting about attacks on various DepEd regional offices, portraying itself as a collective focused on exploiting vulnerabilities in government systems. The messages contain recurring threats and warnings, asserting that the breaches are part of an ongoing campaign against Philippine educational institutions.
As of this writing, there has been no official statement from the Department of Education or its regional offices in Ilocos Norte and Aurora regarding the alleged incidents.
