Philippine DPWH Investigates Alleged 50GB Data Breach by Bashe Ransomware

The Department of Public Works and Highways (DPWH) in the Philippines is investigating a potential data breach after the Bashe Ransomware group, also known as APT73, claimed to have exfiltrated 50 GB of sensitive data. 

The Bashe Ransomware group posted a countdown timer on their dark web leak site. The group provided sample files, including government-issued identification cards and official agency records, as proof of the breach.

According to the groups claims, the stolen data includes:

• Internal government documents
• Official agency records
• Financial records
• Employee and citizen emails
• Government-issued identification cards
• Personal identifiable information (PII)

The number of affected individuals is not disclosed. The agency is coordinating with the Department of Information and Communications Technology (DICT) and the Cybercrime Investigation and Coordinating Center (CICC) to assess the claim. The agency has not offered victim services as the breach remains unconfirmed by government authorities.

Individuals whose IDs may have been exposed should watch for identity theft attempts and check for unauthorized financial transactions.