Alleged NBI data breach probed

MANILA, Philippines — The National Bureau of Investigation (NBI) is looking into an alleged data breach after an anonymous user from the Philippine IT Security Forum claimed to have leaked information from the NBI, officials said yesterday.

The data, allegedly acquired and shared by a person using the code name “Zodiac Killer,” was posted on a breach forum yesterday.

Investigators from the NBI Cybercrime Division visited the forum to verify the report and downloaded the files for analysis.

Initial findings showed that the leaked data include transaction details related to clearance applications such as transaction IDs, applicant names, reference numbers, payment statuses, amounts, purpose details, transaction dates, payment channels and branch codes.

NBI Director Jaime Santiago clarified that the breach did not originate from the agency’s database, but from a third-party provider handling clearance applications.

“Basically, it has nothing to do with the NBI’s database. The data did not come from us,” Santiago told The STAR.

The NBI’s Cybercrime Division has launched a probe and is coordinating with a third-party provider to assess the extent of the breach and implement the necessary security measures.