MANILA, Philippines — State-run pension fund Government Service Insurance System (GSIS) is investigating a data breach in its system involving the administrator account of one of its computers.
In a statement yesterday, the GSIS said the affected computer has been taken offline as it actively investigates the incident to assess the extent of the breach.
“As of 5:20 p.m. (Sept. 12), GSIS received a notice from our security partner that a local threat actor had compromised the administrator account of one of our computers, as shared on their Facebook page,” the GSIS said.
A threat actor may be an individual or a group that seeks to breach or undermine certain systems and data security. They may be involved in direct data theft, phishing, compromising a system by vulnerability exploitation or creating malware.
The GSIS said the affected computer is a test computer and contains dummy data used for the tests.
“GSIS is now validating the claims of the intruder in order to ensure full compliance with the requirements of the Data Privacy Act,” the agency said.
Despite the security breach, GSIS assured its employees, members and pensioners that the protection of their information is of utmost priority.
“GSIS is implementing needed measures to protect our systems and information,” the agency said, adding it “will continue to take all actions needed to ensure the security and privacy of the information entrusted to us.”