MANILA – The Department of Information and Communications Technology (DICT) on Friday said the eGovPH mobile application was not hacked and that an alleged data leak was a hoax.
In a statement, DICT Assistant Secretary for Legal Affairs Renato Paraiso said the eGovPH app remains secure, according to an initial investigation by the National Computer Emergency Response Team (NCERT) and the eGov development team.
“Results from the initial investigation made by NCERT and eGov showed that no large data transfer, user suspicious behavior or network activity anomaly in the eGovPH System were observed,” Paraiso said.
He assured the public that data on the eGovPH app are safe and that the DICT services remain secure.
“We ask everyone to be mindful when sharing content online and rely on official department channels for accurate information and updates,” he said.
On Tuesday, the Philippine-based cybersecurity enthusiast group Deep Web Konek, through its blog Kukublan Philippines, reported a potential data breach in the eGovPH system that may have resulted in a threat actor having access to the know-your-customer (KYC) data of around 200, 000 users.
The report was based on a post by a deep web forum user under the alias “GR3GG3M3RC3R” claiming they exploited a zero-day vulnerability in the eGovPH system to gain root access and offered to sell the KYC data of around 200,000 users. (PNA)