The Philippines‘ National Bureau of Investigation (NBI) has experienced a significant data breach, with a threat actor named “Zodiac Killer” claiming responsibility. The breach involves over 3.6 GB of data, reportedly spanning from 2016 to 2024, and includes sensitive personal information, financial transaction records, and other private data. The hacker posted files on dark web forums, claiming the leak contained over 45 million rows of data, including full names, addresses, contact details, and transaction IDs. The attack has left individuals’ information exposed, including detailed location data and other confidential records.
The hacker, identified as “Zodiac Killer,” is a new figure in the dark web community
The hacker, identified as “Zodiac Killer,” is a new figure in the dark web community, having created an account in January 2025. Their first post was the leaked NBI data, and they provided multiple download links for the files on popular file-sharing platforms. The compromised data primarily affects NBI systems connected to clearance applications and financial transactions. It includes personal information such as full names, addresses, transaction IDs, and contact information. This exposure of sensitive records has raised serious concerns about the security of personal data in government systems.
The breach has the potential for widespread consequences, including identity theft, fraud, and other forms of cybercrime, particularly since NBI clearance data is crucial for employment, travel, and legal purposes in the Philippines. The leaked data could facilitate malicious activities, putting millions of Filipinos at risk. The hacker’s actions emphasize the growing dangers of cyberattacks, especially on government institutions, which are increasingly becoming prime targets for cybercriminals. The breach underlines the vulnerabilities in securing critical infrastructure and personal data within government agencies.
As of now, the NBI has not released an official statement regarding the breach, leaving the public uncertain about the full extent of the incident. This attack adds to a series of recent cyberattacks targeting government organizations in the Philippines, signaling an urgent need for improved cybersecurity measures. The leak highlights the importance of securing sensitive data against cyber threats, especially as more governmental operations move to digital platforms. The NBI and other agencies must prioritize strengthening their defenses to protect the privacy and security of their citizens.
Reference: