DOTr HRIS System Compromised, Threat Actor Exposes Government Weaknesses

Key Takeaways: • DOTr’s HRIS system has been breached, with employee records and credentials leaked. • Hackers openly defaced the system and criticized the government’s cybersecurity policies. • A direct warning was sent to Deep Web Konek, urging exposure before a potential cover-up. • No government response has been issued so far, raising concerns over national cyber defense capabilities. https://iili.io/3z2rkdP.png MANILA, PHILIPPINES — A cybersecurity breach has been reported in the Philippines, targeting the Department of Transportation’s (DOTr) Human Resource Information System (HRIS). The breach, allegedly carried out by a hacker using the alias LuxurySp1d3r (G1D30N) , was first disclosed on a well-known cybercrime marketplace, where the attacker claimed full control over the DOTr HRIS database. https://iili.io/3z2rOrB.png Breach Details 1. Threat Actor’s Message In a defacement post, LuxurySp1d3r (G1D30N) shared details of the attack, calling out the new DICT Secretary, Henry Rhoel Aguda and the Philippine government for their alleged negligence in appointing inexperienced personnel to oversee national cybersecurity. The threat actor/s questioned the competency of leadership in protecting critical infrastructure, insinuating that other government agencies may also be vulnerable. A direct excerpt from the hacker’s message reads: “Your entire HRIS system is in our hands. If you see this defacement, know that this is only the surface of what we control. We own your systems, your data, and your vulnerabilities.” The threat actor further challenged Malacañang, implying that appointing a former banking executive to oversee DICT was a critical mistake, as banking security does not necessarily translate to government cybersecurity expertise. 2. Leaked Database (HRIS Records) https://iili.io/3z2P4Lb.jpg The breach also includes a leaked SQL database named "users.sql", which contains: 1. Government Employee Credentials – Emails, usernames, and hashed passwords of DOTr personnel. 2. Potentially Sensitive HR Data – The database suggests that personal records may also be compromised. A threat actor using the alias G1D30N after a few minutes aslo reached out directly to Deep Web Konek about the breach. The email includes a link to the compromised HRIS system (DOTR-HRIS is currently down since last night after being alerted) , suggesting that the system may have been defaced or fully controlled by the attackers. Government Response (Or Lack Thereof?) At the time of writing, there has been no official statement from DOTr, DICT, or Malacañang regarding the breach. It remains unclear whether the government is even aware of the full extent of the attack. Disclaimer This report is based on publicly available information, leaked data, and hacker statements. Deep Web Konek does not endorse, support, or participate in any illegal activity. The purpose of this report is to inform the public about potential cybersecurity threats and to urge authorities to take necessary action. Readers are encouraged to verify information with official sources and to prioritize cybersecurity best practices to protect personal and government data.

Other contents

New Home For Deep Web Konek

New Home For Deep Web Konek

DICT Chief Confirms Insider Threat: Hackers Allegedly Embedded Within the Agency

DICT Chief Confirms Insider Threat: Hackers Allegedly Embedded Within the Agency

ALLEGED DATA BREACH HITS PHILIPPINE DEPARTMENTS OF DEFENSE AND MIGRANT WORKERS

ALLEGED DATA BREACH HITS PHILIPPINE DEPARTMENTS OF DEFENSE AND MIGRANT WORKERS

Police Take Servers of Online Marketplace Archetyp Market Offline

Police Take Servers of Online Marketplace Archetyp Market Offline

Police Take Servers of Online Marketplace Archetyp Market Offline

Police Take Servers of Online Marketplace Archetyp Market Offline

Is That Video Real? A Guide to Spotting AI-Generated Content

Is That Video Real? A Guide to Spotting AI-Generated Content

OpenAI Bans Pro-Marcos Jr AI Accounts, Exposing Philippines' Misinformation Vulnerability

OpenAI Bans Pro-Marcos Jr AI Accounts, Exposing Philippines' Misinformation Vulnerability

Palawan Medical Mission Group Multipurpose Cooperative Targeted in Qilin Ransomware Attack

Palawan Medical Mission Group Multipurpose Cooperative Targeted in Qilin Ransomware Attack

From Good Vibes to Bad Vibes: Filipino Developers Alarmed as GitHub Pages, Vercel, and Netlify Face ISP Blocks

From Good Vibes to Bad Vibes: Filipino Developers Alarmed as GitHub Pages, Vercel, and Netlify Face ISP Blocks

Threat Actors, H4CK4G0V STUDENTS Exposed DICT Security Flaws

Threat Actors, H4CK4G0V STUDENTS Exposed DICT Security Flaws