Threat Actor: APO Production Unit Inc. | APO Production Unit Inc.
Victim: Filipino passport holders | Filipino passport holders
Price: N/A
Exfiltrated Data Type: Personal data
Key Points :
- Approximately 28 million Filipino passport holders may have had their personal data compromised.
- The breach was attributed to inadequate cybersecurity measures by the service provider, APO Production Unit Inc.
- DFA Assistant Secretary Adelio Cruz expressed frustration over the lack of transparency from APO regarding the breach.
- This incident raises concerns about the safety of personal data held by government agencies.
- Previous data security issues related to passports were reported in 2019 involving a French contractor, Oberthur Technologies.
- APO Production Unit Inc. Chairman Michael Dalumpines previously denied any breach, claiming all data was intact and accessible.
Manila, Philippines–The personal data of an estimated 28 million Filipino passport holders may have been compromised after the service provider responsible for passport production failed to secure sensitive information, according to the Department of Foreign Affairs (DFA). This concerning disclosure was made by DFA Assistant Secretary Adelio Cruz during a Senate budget hearing on Thursday and was reported by Manila Times earlier this evening.
The APO Production Unit Inc., a government-owned and controlled corporation (GOCC) tasked with printing passports, allegedly failed to implement adequate cybersecurity measures to protect sensitive data. “Unfortunately, they would not admit to the gravity or to the degree of the breach. We believe that’s being sugar-coated,” Cruz said, as reported by The Manila Times.
While the full extent of the breach remains uncertain, this incident has sparked alarm regarding the safety of personal data held by government agencies. Cruz expressed frustration over the lack of transparency from APO Production Unit Inc., which has yet to confirm the total number of individuals affected or the exact details of the breach.
This isn’t the first time concerns about passport data have surfaced. In 2019, a previous report by GMA News Online revealed that passport data issues had also been raised when then Foreign Secretary Teodoro “Teddyboy” Locsin Jr. claimed that a French contractor, Oberthur Technologies, had taken off with passport holders’ personal information after their contract was terminated. However, APO Production Unit Inc. Chairman Michael Dalumpines denied any breach had occurred at the time, stating, “All data have been retrieved when the equipment was turned over. It was all restored.”
Sources:
- The Manila Times. (2024, September 19). 28M passport holders may have been compromised as service provider fails to secure data — DFA. https://www.manilatimes.net/2024/09/19/news/28m-passport-holders-may-have-been-compromised-as-service-provider-fails-to-secure-data-dfa/1972658
- GMA News Online. (2019, January 14). Gov’t printer denies breach, says passport data intact, accessible. https://www.gmanetwork.com/news/topstories/nation/681365/gov-t-printer-denies-breach-says-passport-data-intact-accessible/story/