THE GENTLEMEN RANSOMWARE GROUP TARGETS DTI FOREIGN TRADE SERVICE CORPS
The Department of Trade and Industry (DTI) – Foreign Trade Service Corps has been listed on a ransomware leak site operated by the threat actor known as The Gentlemen. The listing was discovered on January 11, 2026, at 17:59, suggesting a possible ransomware-related security incident involving the agency.
The leak page references publicly available information about the Foreign Trade Service Corps, including its mandate to promote Philippine exports, support trade facilitation, and assist micro, small, and medium enterprises (MSMEs). While the listing itself does not immediately confirm the nature or sensitivity of the data involved, ransomware groups typically publish victim names only after data has been exfiltrated prior to encryption.
The Foreign Trade Service Corps, operating under the DTI, plays a critical role in international trade engagement and economic development. Any potential compromise may have implications for trade programs, partner organizations, and stakeholders relying on its services.
The threat actor The Gentlemen has previously been linked to ransomware activity targeting Philippine-related organizations. A few months prior to this incident, the same group was associated with a breach involving 2GO Group, a major logistics and transportation company in the Philippines. That earlier case highlighted the group’s ability to target both government-linked institutions and large private-sector enterprises.
As of this writing, no official confirmation or statement has been issued by the Department of Trade and Industry regarding the incident. It remains unclear whether negotiations are ongoing, systems have been restored, or data has been leaked publicly.
