Phantom Troupe, the group behind the Office of the Solicitor General (OSG) data breach is on a rampage attacking government websites and successfully defacing and breaching some servers. More than two thousand user information including NBI clearance, medical certificate, passport, and other documents with personally identifiable information was downloaded by the hacking group from the servers of the Philippine Overseas Employment Administration (POEA).
“While the OSG threatened to look for us, here we are showing everyone that the cybersecurity threat in our country is real and will continue to evolve at a rapid pace. Data leak and breaches will rise exposing thousands of personal information and private files” says one of the members of the group on a Facebook chat group.
The POEA servers according to the hackers have the same vulnerability as the OSG sites. A simple misconfiguration that could have been corrected easily if only the developers took extra time to check for a very common error. “Many of these developers can’t protect their databases from simple penetration tests. Every single day, security researchers all over the world release newfound vulnerabilities on public chat groups and forums.”
The group also said that the government could have asked for the help of Pinoy ethical hackers in solving the cybersecurity concerns of the country. At the start of the pandemic, Phantom Troupe accessed vulnerable Philippine school servers and secured the sites for fear of being accessed by foreign hackers. While admitting that what they did is unconventional, the group said that it is the best that they could do as they have friends and relatives who are students and employees of Philippine colleges and universities.
In a statement the group said:
The government should open its eyes and seek help from ethical hackers. The government should invest on security researchers. Sad to say that many ethical hackers in the Philippines chose to share their skills to foreign bug bounty programs.
We the Phantom Troupe will continue to penetrate every weak security that we would find.
Expect more data breaches and defacements. We will continue to do this until the authorities would realize the importance of cybersecurity. Expect us…
When asked what other government websites are in danger of being breached, the group said that it would make public once members confirmed successful breaches.
As of this posting, the POEA website is still vulnerable according to Phantom Troupe.