The Office of the Solicitor General (OSG) of the Philippines has reportedly experienced a data breach, according to a London-based security firm, TurgenSec. The firm has revealed that around 345,000 sensitive documents were left publicly accessible online for a duration of at least two months.
TurgenSec has reported that they notified the Philippine government about the breach in March, but their communication was not acknowledged at the time. It was only on April 28 that the breach was reportedly sealed, preventing further unauthorized access.
The security firm has expressed grave concerns about the breach, pointing out the sensitive nature of the documents involved. It could have repercussions for ongoing prosecutions and matters of national security. Among the exposed documents were files marked as “private,” “confidential,” “witness,” and “password,” as well as files relating to highly sensitive subjects including drug issues, abuse, rape, and terrorism, among others.
TurgenSec warned of the potential risks associated with the breach, noting that the documents may disrupt legal proceedings. The firm also highlighted the likelihood that the data might now be in the possession of malicious actors, which could lead to significant consequences if proper mitigation steps are not taken.
In response to the situation, the OSG acknowledged TurgenSec’s responsible disclosure but has stated that it will only issue a comprehensive response after conducting a thorough verification of the alleged data breaches. The OSG reassured the public that it has implemented necessary measures to protect the confidentiality and integrity of the information involved in judicial processes.
Justice Secretary Menardo I. Guevarra has refrained from making any immediate comments pending the outcome of the OSG’s internal investigation, indicating that the department will withhold any statements until the facts are clearly established.
