DOJ: Solgen's office looking into reported data breach

MANILA, Philippines — Justice Secretary Menardo Guevarra on Sunday said the Office of the Solicitor General is looking into a reported data breach that allegedly exposed 345,000 of its files.

London-based security firm TurgenSec in an April 30 statement said it first became aware of a "publicly accessible data store" from the OSG in March. The nature of the these documents, it said, "is of particular concern as it may have the potential to disrupt [or] undermine ongoing judicial proceedings."

"The information was left public facing where anyone with a browser and internet connection could access it," it said.

TurgenSec, which runs a website tracking data breaches, said they e-mailed the OSG and the Philippine government twice in March did not get responses. By April 28, it said the breach was closed.

Guevarra told Philstar.com that the DOJ and its cybercrime office had not received information through official channels on the supposed breach. 

But, he said that the OSG "is now looking into the matter and the DOJ will be ready to assist, if necessary."

Highly sensitive

The leaks were first reported by Rest of World, an international nonprofit journalism organization, which said they tried seeking comment from the OSG and the DOJ but to no avail.

Documents exposed were said to have contained sensitive keywords such as "Private," "Confidential," "Password" and "Witness."

It also included topics on intelligence, terrorism, drugs, execution, the opposition, the military, on COVID-19, and even on President Rodrigo Duterte.

TurgenSec described the breach as "particularly alarming" given the sensitivity of the data that could also impact national security. 

"An unknown third party has this data and it is likely now in the hands of malicious actors who could do considerable damage with it if mitigation steps are not taken," it said.

OSG urged: Make public breach's extent

Rest of World quoted a TurgenSec spokesperson who said the data ended up on the Internet from a misconfigured server, "or when an administrator sets a set of documents to 'public' rather than 'private.'"

It added that the OSG should turn in the breached data to digital forensic specialists to determine its extent, and if any of the file's integrity was compromised. 

TurgenSec also urged OSG to "publicly outline the extent of the information exposed and breached, and what steps are being taken to ensure this cannot happen again."

"Finally we request that the Solicitor General of the Philippines informs the [Information Commissioner's Office] if there are UK citizens data contained within this breach and to issue a public disclosure of this," it said, "and the full extent of what citizen data was breached, so that the impacted individuals can take the necessary steps to protect themselves."

This is not the first time that the OSG figured in a cybersecurity-related issue. Late last year, its website was defaced by hackers who put up a message which read: "Stop blackmailing the [National Telecommunications Commission]! Give ABS-CBN provisional authority!"

Philstar.com also reached out to the OSG, but has yet to receive a reply as of writing. — Christian Deiparine