MANILA, Philippines — Containment of the recent data breaches of Philippine National Police (PNP) systems is still ongoing, according to the Department of Information and Communications Technology (DICT).
“Our analysis and containment procedures are ongoing. We are looking for malicious accounts that may have been created and traces of malware, if any, or scripts used for privileged escalation,” DICT Undersecretary for infostructure management, cybersecurity and upskilling Jeffrey Ian Dy told The STAR.
“We’re working with the PNP-Directorate for ICT Management and PNP-Anti-Cybercrime Group on this,” he added.
Initial analysis showed the cyber attack was launched more than a month ago, Dy noted.
Hackers breached the PNP’s Logistics Data Information Management System, the official repository of data on police equipment and physical assets, a few weeks ago.
The hackers had moved to other systems, such as the online and permits application platform of the PNP-Firearms and Explosives Office.
Dy declined to give an initial assessment of the breaches’ extent and classify them as major.
“We haven’t validated the entire file yet. But it contained different tables of names, license numbers, emails, mobile phone numbers and another table containing addresses,” Dy said.
The PNP announced on Wednesday that it has shut down all its online services until further notice as it enhances its defensive postures against hackers after the data breach in the systems of two police units.