Ransomware Group Claims Breach of Telcom Live Content Inc., Allegedly Exfiltrating Databases and Source Code
A ransomware group identifying itself as CipherForce has claimed responsibility for a cyberattack targeting Telcom Live Content Inc., a Philippine-based fintech and mobile technology firm. The claim appeared on the group’s leak site, where it alleged that it infiltrated the company’s servers and exfiltrated multiple databases and proprietary source code repositories.
According to the post published on March 11, the attackers claim to have extracted 30 databases and approximately 300 repositories of proprietary source code from the company’s infrastructure. The ransomware group further alleged that the victim’s servers were encrypted and that the company has been given two weeks to pay a ransom, warning that the decryption keys may be destroyed and the stolen data released publicly if payment is not made.
The entry on the leak portal currently lists the status as “pending,” suggesting that negotiations or verification may still be ongoing. The group also claimed that the stolen materials include cloud storage buckets and database files belonging to Philippine government departments that are clients of the company, though these claims have not been independently verified.
Founded in 2004, Telcom Live Content Inc. develops mobile commerce platforms, electronic payment technologies, and telecom-integrated digital transaction systems used by telecommunications providers, financial institutions, and public sector organizations. Its technologies include electronic prepaid mobile reload systems, payment gateways, mobile banking platforms, and e-government solutions designed to support digital transactions and service delivery.
The company’s flagship Mobile Commerce Suite enables voucher-less prepaid mobile account refills, allowing telecom operators and distributors to electronically distribute prepaid credits instead of using traditional scratch cards. In addition to telecommunications services, the company has also developed software systems used in regulatory compliance, document management, digital payment processing, and government service platforms.
Public information from the company indicates that its technologies have been used by several major Philippine corporations across telecommunications, media, insurance, and transportation sectors. Notable corporate customers listed include Globe Telecom, one of the largest telecommunications service providers in the Philippines, as well as Sky Cable, a major cable television and broadband provider. The former mobile telecommunications service of ABS-CBN Mobile is also listed, along with the non-life insurance provider FPG Insurance. In the transportation sector, the company has served ferry operators such as FastCat Ferries and Philharbor Ferry Services Inc., as well as the long-established provincial bus company Philtranco Service Enterprises Inc.
Telcom Live Content Inc. has also developed technology solutions for several Philippine government agencies, demonstrating the company’s involvement in public sector digital services. Among these agencies are the Department of Health, the Department of Environment and Natural Resources, the Department of the Interior and Local Government, and the Department of Trade and Industry. Other clients include the Games and Amusements Board, the National Labor Relations Commission, and the Metropolitan Manila Development Authority. The company has also provided platforms or services to the Department of Information and Communications Technology and the Bureau of Jail Management and Penology, highlighting its role in supporting digital operations across multiple government sectors.
As of publication, Telcom Live Content Inc. has not issued an official statement confirming the alleged ransomware incident, and Philippine authorities have not yet released a formal advisory regarding the claim.
