Press "Enter" to skip to content

Posts tagged as “hacking”

DICT’s statement on the hacking and defacing of the House of Representative website

Department of Information and Communications Technology (DICT) just release an official statement regarding the defacing of the House of Representative (HoR) website.

This is the full text of DICT’s statement;

The Department of Information and Communications Technology (DICT) confirms that a cybersecurity incident involving the House of Representatives (HOR) website occurred on Sunday, 15 October 2023.

The HOR immediately put the website offline to prevent further unauthorized access and reported the incident to the DICT โ€“ Philippine National Computer Emergency Response Team (CERT-PH).

CERT-PH is conducting an investigation to determine if sensitive data has been exfiltrated by the threat actor.

Recommendations were likewise provided to the HOR IT Team to prevent future security breaches on their website.

The DICT informs the public that the HOR website shall be online soon with its security vulnerabilities already addressed.

The next stages of the investigation on the incident, which include threat actor attribution and case build-up, shall be pursued by the Cybercrime Investigation and Coordinating Center, in coordination with our law enforcement agencies.

The DICT reaffirms its commitment to be an active partner of government agencies as they fulfill the primary responsibility of safeguarding their own ICT systems and infrastructure against cyber threats.

By:

Renato A. Paraiso
Assistant Secretary for Legal Affairs
DICT Spokesperson
pio@dict.gov.ph

At the sametime, DICT also release a Tagalog version of their statement.

Yesterday, the website of the House of Representative (HoR) was hacked by the hacker group 3MUSKETEERZ, defacing it with the troll face meme captioned it โ€œYouโ€™ve been hacked. Have a nice Day! Happy April Fullz Kahit October Palang! Fix your website.โ€ and changed its content with the same messaging.

Website of House of Representative hacked by 3MUSKETEERZ

Website of House of Representative (Congress) have been hacked and defaced by 3MUSKETEERZ.

The group used troll face meme captioned it “You’ve been hacked. Have a nice Day! Happy April Fullz Kahit October Palang! Fix your website.” The group even changed its content with the same messaging.

The official X (twitter) account (@HouseofRepsPH) already release a statement and that they are currently working with Department of Information and Communications Technology (DICT), Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies concerned to investigate the matter.

PRESS STATEMENT
Secretary General Reginald Velasco

We wish to inform the public that the official website of the House of Representatives experienced unauthorized access earlier today. Immediate steps have been taken to address the issue, and we are working closely with the Department of Information and Communications Technology (DICT), Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies concerned to investigate the matter.

While we work to restore the website fully, we ask for patience and understanding. We are committed to ensure the security and integrity of our digital platforms, and we will implement additional measures to prevent such incidents in the future.

For the moment, we advise the public to be cautious of any suspicious emails or communications that claim to be from the House of Representatives.

We will keep the public updated as more information becomes available.

As of this posting, the website is currently offline and accessing the website http://www.congress.gov.ph/ will just give you the standard “This site canโ€™t be reached” message.

PhilHealth hit by ransomware, Hackers demands $300,000.00

On September 22, 2023, the Philippine Health Insurance Corporation (PhilHealth) was hit by a ransomware attack. The attack was carried out by the Medusa ransomware group, which encrypts files and demands a ransom payment for the decryption key. The hackers responsible for the attack have demanded a ransom of $300,000 or approximately P17 million as payment to decrypt the files.

PhilHealth detected the attack early on Friday and immediately shut down all of its online systems, including its website, portals, and e-claims. The agency is currently working with the Department of Information and Communications Technology (DICT) and other government agencies to investigate the incident and restore its systems.

In a statement, PhilHealth assured the public and its members that their personal and medical information was not compromised or leaked in the attack. However, the attack did disrupt the agency’s operations and caused some inconvenience to its members.

On September 25, PhilHealth announced they are working to restore all of its systems and that its members could now avail of its benefits again. The agency also said that it was implementing additional security measures to prevent future attacks.

Discord.io suffers data breached and will shutdown the service

Discord.io, a third-party service that enables owners of Discord servers to create customized, personal Discord invites, has announced that it would shut down until further notice following a โ€œmajor data breachโ€ from โ€œunknown actorsโ€ on Monday evening.

The breach has affected 760,000 users and the stolen information could include your discord.io username and your Discord ID, your email-address, your billing address, and a salted and hashed password if you signed up in 2018 or earlier.

Payment details are said to be safe because all payments are processed through PayPal and Stripe and the company does not store any payment information on their servers, and this information was not leaked, the company said in an article posted on their website.

Discord.io has confirmed the authenticity of the breach, by an entity acting under the name “Akhirah.” It is important to know that Discord.com is not affiliated with discord.io, a spokesperson from Discord told Stackdiary, โ€œDiscord is not affiliated with Discord.io. We do not share any user information with Discord.io directly and we do not have access to or control of information in Discord.ioโ€™s custody.โ€

Discord has revoked the oauth authentication tokens for any Discord user that has used Discord.io, so that app can no longer perform actions on behalf of those users until they re-authenticate3. Affected Discord users should change their passwords and enable multi-factor authentication (MFA).

You can read the full statement of Discord.io on their website – Discord.io has suffered a data breach.

The website’s official twitter also encourages users to directly contact their support team, in connection of the breached.