Philippines Bureau of Customs hit by a cyber attack on cloud-based online applications.

The Bureau of Customs (BOC) in Manila is reporting a cybersecurity incident which occurred on April 7 and targeted the BOC's external cloud-based online applications through compromised user login credentials. The incident response protocol locked down all compromised accounts and servers. The IT team of BOC is working to recover the systems.

BOC has engaged with the Department of Information and Communications Technology (DICT) and the Cybercrime Investigation and Coordinating Center (CICC) for a comprehensive investigation. Initial investigations suggest that the breach may have exposed sensitive information such as:

• names,
• email addresses,
• company names,
• contact details,
• tax identification numbers.

The total number of individuals or entities affected by this breach is still being determined as the investigation continues.

Update - per a followup report of the DICT, at least 50,000 users’ PII has been compromised.

The BOC advises individuals and companies interacting with their systems to change their passwords and report any unusual activity on their accounts.