NBI denies system linked to massive data breach
THE National Bureau of Investigation (NBI) said that the alleged exposure of over 1.2 million sensitive employee and applicant information from multiple state agencies does not involve any of its systems.NBI conducted its initial investigation regarding the alleged massive data breach that was first reported by cybersecurity research firm VPNMentor on April 18."From the results of our own vulnerability assessment, we are reasonably certain that the alleged breach does not involve any of the NBI's systems", the agency said in a statement dated April 20.The leak supposedly exposed 1,279,437 records, totalling 817.54 gigabytes of both applicant and employee records under multiple state agencies, including NBI, Philippine National Police (PNP), Bureau of Internal Revenue (BIR), and Special Action Force (SAF).A report from cybersecurity researcher Jeremiah Fowler said that the exposed records were birth certificates, fingerprint scans, tax identification numbers (TIN), tax filing records, academic transcripts and copies of passports.The NBI said that the nature of the compromised data are not included in its hiring and selection process."While the breached records supposedly include copies of NBI Clearance IDs, these are normally released to the applicant, who may then submit or upload the same for their stated purposes", the NBI said.The NBI said it will continue monitoring and investigating the alleged data breach."We wish to reassure the public that the NBI, as the national clearing house of criminal records and other related information, gives paramount importance to data privacy", NBI said.Meanwhile, the Department of Information and Communication (DICT) reminded government agencies to increase its cybersecurity measures.The National Computer Emergency Response Team(NCERT) of the DICT Cybersecurity Bureau has doubled its investigation on the matter.
THE National Bureau of Investigation (NBI) said that the alleged exposure of over 1.2 million sensitive employee and applicant information from multiple state agencies does not involve any of its systems.
NBI conducted its initial investigation regarding the alleged massive data breach that was first reported by cybersecurity research firm VPNMentor on April 18.
"From the results of our own vulnerability assessment, we are reasonably certain that the alleged breach does not involve any of the NBI's systems", the agency said in a statement dated April 20.
The leak supposedly exposed 1,279,437 records, totalling 817.54 gigabytes of both applicant and employee records under multiple state agencies, including NBI, Philippine National Police (PNP), Bureau of Internal Revenue (BIR), and Special Action Force (SAF).
A report from cybersecurity researcher Jeremiah Fowler said that the exposed records were birth certificates, fingerprint scans, tax identification numbers (TIN), tax filing records, academic transcripts and copies of passports.
The NBI said that the nature of the compromised data are not included in its hiring and selection process.
"While the breached records supposedly include copies of NBI Clearance IDs, these are normally released to the applicant, who may then submit or upload the same for their stated purposes", the NBI said.
The NBI said it will continue monitoring and investigating the alleged data breach.
"We wish to reassure the public that the NBI, as the national clearing house of criminal records and other related information, gives paramount importance to data privacy", NBI said.
Meanwhile, the Department of Information and Communication (DICT) reminded government agencies to increase its cybersecurity measures.
The National Computer Emergency Response Team(NCERT) of the DICT Cybersecurity Bureau has doubled its investigation on the matter.
