What was the nature of the cybersecurity incident involving the Philippines Bureau of Jail Management and Penology (BJMP)?

The Philippines Bureau of Jail Management and Penology (BJMP) experienced a cybersecurity incident on its website, which was targeted by a group known as the Philippines Exodus Security (PHEDS). Despite claims by the hackers of accessing private data, the BJMP has refuted these claims, stating that no personal or sensitive data were compromised during the breach.

Did the BJMP confirm any data loss as a result of the breach?

The BJMP has emphasized in their statement that no personal or sensitive data were compromised during the breach. They have conducted an inventory to evaluate potential data loss but have refuted claims by hackers that they accessed private data intended to be protected.

Incident

Philippine Bureau of Jail Management denies exposure of sensitve data after cyberattack

Q: What actions did the BJMP take following the cybersecurity breach?

Following the discovery of the cybersecurity breach, the BJMP's Directorate enforced changing passwords and conducted an inventory to evaluate any potential data loss. It was determined that the breach occurred due to outdated security patches on a Content Management System (CMS) platform, which had ceased receiving technical support. The website has been put under maintenance with plans expedited for migration to a more secure platform.

Q: What caused the cybersecurity breach at the BJMP?

The cybersecurity breach at the BJMP occurred due to outdated security patches on a Content Management System (CMS) platform, which had ceased receiving technical support. This vulnerability was exploited by the attackers.

published: April 7, 2024

Learn More

The Philippines Bureau of Jail Management and Penology (BJMP) is struggling to explain a cybersecurity incident on its website and has refuted claims by hackers that they accessed private data intended to be protected.

The attack was carried out by the Philippines Exodus Security (PHEDS), a group targeting government websites. The BJMP emphasized in a statement released on Sunday that no personal or sensitive data were compromised during the breach. The website has been put under maintenance, with plans expedited for migration to a more secure platform.

Upon the breach's discovery, the BJMP's Directorate enforced changing passwords and conducting an inventory to evaluate any potential data loss. It was determined that the breach occurred due to outdated security patches on a Content Management System (CMS) platform, which had ceased receiving technical support.

The number of affected individuals is not clear, BJMP claims there are none.

Philippine Bureau of Jail Management denies exposure of sensitve data after cyberattack

Read More
Nevada state government reports cybersecurity Incident, forcing statewide …
Ransomware attacks on city governments in Traverse, Michigan
Virginia attorney general's office hit by cyberattack, shuts …
City of Wichita shuts down computer network after …
Canada's investment regulator CIRO suffers cybersecurity incident exposing …