Professional Regulation Commission Records Allegedly Exposed in Online Data Leak
The Professional Regulation Commission (PRC) is reportedly affected by a data leak by the threat actor/s, FEMBOYSEC after a substantial collection of professional and academic records surfaced online. The team reviewed the incident and confirmed that the files contain sensitive documents submitted by licensed professionals and applicants, raising concerns about the security of personal and credential information maintained by the agency.
The first batch of files circulating online contains approximately 9 gigabytes of PDF documents, covering records linked to thousands of individuals. The documents include PRC identification cards, application forms, certificates of training completion or participation, transcripts of records, and diplomas, with each file tied to a specific professional or applicant. These records represent the type of information typically required for licensing, registration, and professional validation.
https://iili.io/q0OlMKP.png
https://iili.io/q0OlexR.png
https://iili.io/q0OlWUF.png
In assessing the breach, the team also examined the possibility that the leak involved older records resurfacing. However, it was found that the documents were recent, dated around February 2026, indicating that the data originated from current submissions rather than historical archives. Despite this, the team noted that older registrations or renewal records could still be affected, given that the platform likely contains both recent and past submissions.
This breach also indicate that this release may represent only a small portion of the total dataset allegedly obtained. The structured nature of the files suggests they were sourced from a centralized submission or requirements platform maintained by the Professional Regulation Commission. The exposed data includes personal identifiers and professional credentials, which could be misused if additional files are released or accessed without authorization.
The team has verified the presence and authenticity of the documents in the first batch and continues to assess the full scope of the potential compromise. The team is now on alert for any additional leaks or file dumps, as more data may be released in the coming days. While the current leak involves the initial batch of files, subsequent releases could expand the number of affected professionals and applicants.
The Professional Regulation Commission has not issued an official statement regarding the alleged breach, and the agency’s response remains pending. Individuals who have submitted documents to the PRC are advised to remain vigilant and monitor for any unusual activity involving their personal or professional information.
