Following an alleged “data breach” that saw more than 1.2 million records of law enforcement agencies in the hands and sights of unscrupulous individuals, the Department of Communications and Information Technology (DICT) claims that it was an information leak.
“It was not a hack. It was a data leak.” — DICT Secretary Ivan Uy (via ANC Headstart)
Per the agency’s investigations, it was revealed that the source of the data spill came from the Philippine National Police’s (PNP) recruitment portal. Uy cited exactly that it was “uploaded documents” that were compromised.
- NPC administrative fines for data privacy infractions
- A hacked and data-breached organization is no laughing matter
Highlighting the claim of the leak, the DICT secretary said that there was “no hacking” involved but rather a case of leaving an “unsecured site” that was “open and anybody could see.”
In an interview with the Palace reporters, Uy raised the national police’s “serious lapses” in their recruitment procedure and that its IT department was not even aware that a recruitment page exists.
In response to the situation, the DICT chief said that the concern is now being taken care of by the National Privacy Commission. Additionally, Uy spoke about taking punitive actions against those liable as the incident violated the Data Privacy Act.