By Francis Wakefield
The spokesman of the Philippine Army (PA) Wednesday said that the data extracted after hackers breached the data base of the military came from exposed dump files of an old database that were being migrated from a third party Internet Service Provider to the Philippine Army Network in December 2018.
Lt. Col. Ramon Zagala (Davao Oriental YouTube channel / MANILA BULLETIN)
In a statement, Lt. Col. Ramon Zagala said these files were already addressed as early as January 1, 2019 but was only leaked recently to make it appear that the hacker was able to commemorate their yearly mischief on April 1st.
"Contrary to what has been reported, the Philippine Army Network was not hacked by a certain group known as Pinoy Lulszec, who is somehow vying for attention. The data extracted came from exposed dump files of an old database that was being migrated from a third party Internet Service Provider to the Philippine Army Network in December 2018," Zagala said.
"These files were already addressed as early as January 1, 2019 but was only leaked recently to make it appear that the hacker was able to commemorate their yearly mischief on April 1st," he added.
Zagala said they are further investigating as to exactly how the hackers were able to get hold of the information.
"Rest assured that all other data in our network is secured and that further security assessments are being done to prevent a repeat of this incident," Zagala said.
Pinoy LulzSec, a local hacking group that participated in the three-day international hacking operation by LulzSec international, earlier disclosed that of all the government agencies, learning institutions, and private firms that it “exfiltrated,” only the database of the AFP was found to be vulnerable.
The data breach exposed almost 20,000 soldiers whose information, injuries and missions were in the file.
The hacking operation also downloaded the data base of Ateneo de Zamboanga and the Technological University of the Philippines in Taguig, according to Pinoy LulzSec.
The date base contained the names of the military personnel, their serial numbers, units, positions, courses, class, and remarks which included data on whether they failed in their mission, cheated in their exams, or were absent. Some even have injury entries in their files.
In what it called the April Lulz, Pinoy LulzSec said hundreds of government and private firms were exposed as well as personal Facebook pages.
The annual three-day international hacking operation launched by LulzSec affiliates all around the world was participated in by local hacking groups such as Pinoy LulzSec, Pinoy ClownSec, and FilTech Hackers Philippines.
Department of Information and Communication Technology (DICT) Assistant Secretary Allan Cabanlong said only the AFP data base was found to be vulnerable.
Lt. Col. Ramon Zagala (Davao Oriental YouTube channel / MANILA BULLETIN)
In a statement, Lt. Col. Ramon Zagala said these files were already addressed as early as January 1, 2019 but was only leaked recently to make it appear that the hacker was able to commemorate their yearly mischief on April 1st.
"Contrary to what has been reported, the Philippine Army Network was not hacked by a certain group known as Pinoy Lulszec, who is somehow vying for attention. The data extracted came from exposed dump files of an old database that was being migrated from a third party Internet Service Provider to the Philippine Army Network in December 2018," Zagala said.
"These files were already addressed as early as January 1, 2019 but was only leaked recently to make it appear that the hacker was able to commemorate their yearly mischief on April 1st," he added.
Zagala said they are further investigating as to exactly how the hackers were able to get hold of the information.
"Rest assured that all other data in our network is secured and that further security assessments are being done to prevent a repeat of this incident," Zagala said.
Pinoy LulzSec, a local hacking group that participated in the three-day international hacking operation by LulzSec international, earlier disclosed that of all the government agencies, learning institutions, and private firms that it “exfiltrated,” only the database of the AFP was found to be vulnerable.
The data breach exposed almost 20,000 soldiers whose information, injuries and missions were in the file.
The hacking operation also downloaded the data base of Ateneo de Zamboanga and the Technological University of the Philippines in Taguig, according to Pinoy LulzSec.
The date base contained the names of the military personnel, their serial numbers, units, positions, courses, class, and remarks which included data on whether they failed in their mission, cheated in their exams, or were absent. Some even have injury entries in their files.
In what it called the April Lulz, Pinoy LulzSec said hundreds of government and private firms were exposed as well as personal Facebook pages.
The annual three-day international hacking operation launched by LulzSec affiliates all around the world was participated in by local hacking groups such as Pinoy LulzSec, Pinoy ClownSec, and FilTech Hackers Philippines.
Department of Information and Communication Technology (DICT) Assistant Secretary Allan Cabanlong said only the AFP data base was found to be vulnerable.