Technology
Technology
cybersecurity

Hacker breaches 2 PNP online systems in series of attacks

Victor Barreiro Jr.

SUMMARY

This is AI generated summarization, which may have errors. For context, always refer to the full article.

Hacker breaches 2 PNP online systems in series of attacks
The hacker breaches the Philippine National Police's Logistics Data Information and Management System, and the license and permits application database of the Firearms and Explosives Office

In a series of attacks on the systems of the Philippine National Police, the hacker known as ph1ns breached both the PNP Logistics Data Information and Management System (PLDIMS) and, later on, the database of the Firearms and Explosives Office’s (FEO) Online License and Permits Application platform.

In a Manila Bulletin report, ph1ns is said to have gained access to and exfiltrated terabytes of data from the FEO database, with the police losing some 1.6 terabytes of sensitive information as a result of the breach.

The breaching of the FEO database follows an earlier attack on the PLDIMS, in which ph1ns revealed a data sample of over 393,000 rows of personal information from the breach.

The PNP, in a 2020 Facebook post, called the PLDIMS “a unified, reliable and real-time central database of comprehensive information on all PNP equipment and assets, and to provide effective and efficient logistical services and administrative support to the PNP.”

In the FEO database hack, the hacker claims to have downloaded information on 500,000 names in the list which, aside from names, included birthdays, civil statuses, emails, tax identification numbers, mobile phone and telephone numbers, details on next of kin, the date and expiry of neuro tests, and the date and expiry of drug tests.

DICT Undersecretary Jeffrey Dy, in an interview with ANC on Tuesday, May 21, said “a lot of our important personalities whose lives are also in danger or are receiving death threats own firearms” and would thus have data recorded in the FEO database.

Dy also told ANC the hack on PLDIMS was “patiently done” with the attack on logistics system taking about a month or two months to breach. “From there, [the hacker] got more information, and was able now to move laterally from one system to the other.”

The hacker cited human error within the PNP’s security protocols for allowing the breach to occur.

The group known as ph1ns has previously been linked to cyberattacks on websites of companies owned by House Speaker Martin Romualdez, and computer brand Acer. – Rappler.com

Add a comment

Sort by

There are no comments yet. Add your comment to start the conversation.

Summarize this article with AI

How does this make you feel?

Loading
Download the Rappler App!
Person, Human, Sleeve

author

Victor Barreiro Jr.

Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.
More from Victor Barreiro Jr.

cyberattacks

Philippine National Police