THE Philippine Statistics Authority (PSA) said it was investigating an alleged data leak involving one of its systems.
In a statement on Wednesday on Facebook, the PSA said information on the supposed leak was posted by a “certain actor” on social media on October 7.
In turn, the PSA had activated its Data Breach Response Team to launch an investigation into the incident and is coordinating with the Compliance and Monitoring Division of the National Privacy Commission (NPC), the National Computer Emergency Response Team-Philippines (NCERT-PH) of the Department of Information and Communications Technology (DICT), and the Anti-Cybercrime Group of the Philippine National Police (PNP).
delivered to your inbox
Based on its initial assessment, the PSA revealed that the affected system was its Community-Based Monitoring System (CBMS).
“The PSA is assessing what personal data from the CBMS may have been compromised and will share information with the relevant authorities and the public in due course,” the agency wrote. “The agency is taking additional preventive and containment measures to ensure the security and integrity of all systems and databases that are managed, including shutting down and isolating the system known to have been affected.”
“The PSA warns the public that social media posts with the alleged sample data include links that contain malware that may be used by cybercriminals and bad actors to perpetuate other illicit acts. Therefore, the public is strongly advised not to click on such links,” the PSA added.
Meanwhile, the agency assured the public that the Philippine Identification System (PhilSys) and the Civil Registration System (CRS) are not affected.
“The PSA strongly condemns this activity, and we will be working with all law enforcement agencies to apprehend the perpetrators. The PSA is committed to ensuring the integrity of its data and confidentiality of the information collected through its surveys, censuses, PhilSys, and CRS,” the statistics agency said.
The leak came weeks after systems of the Philippine Health Insurance Corporation were also compromised, as a result of a hack by the Medusa malware.