MANILA, Philippines — The National Bureau of Investigation has denied reports of a data breach in their systems after a cybersecurity research company reported the leak of a million private records from law enforcement agencies.
In a statement, the bureau said that it conducted an initial investigation after the alleged public exposure of at least 1.2 million applicant and employee records from multiple government agencies as reported on April 18 by cybersecurity research company VPNMentor.
“From the results of our own vulnerability assessment, we are reasonably certain that the alleged breach does not involve any of the NBI's systems,” the NBI said.
“This conclusion is supported by the fact that the nature of the compromised data, which contains documents and information, are not included in our hiring and selection process,” the bureau added.
VPNMentor's full report on the data breach bared that there was a massive leak of sensitive data involving employees from the Philippine National Police, the National Bureau of Investigation, Bureau of Internal Revenue, Special Action Force Operations Management Division, Civil Service Commission. This allegedly remained publicly accessible online for a minimum of six weeks.
The NBI said that while the breached records “supposedly include copies of NBI Clearance IDs,” these documents are “normally released to the applicant, who may then submit or upload the same for their stated purposes.”
The NBI added that it reassures the public that it gives “paramount importance to data privacy not only as a matter of national security, but affecting as it does the well-being of our citizens whom we are sworn to protect.”
“The bureau will continue monitoring and investigating the alleged data breach, and shall find and adapt new ways to keep your information safe in our hands,” the NBI said. – Cristina Chi