A reported cybersecurity incident involving the Department of Public Works and Highways (DPWH) is under investigation, after a claim surfaced that up to 50 gigabytes (GB) of sensitive data may have been compromised.
The alert was flagged by cybersecurity advocate Deep Web Konek, which reported that the DPWH appeared on a ransomware leak site run by a threat group identified as Bashe Ransomware (APT73).
APT73 claimed to have extracted around 50GB of data, including internal documents, emails, financial records, and personal information.
The listing reportedly included a countdown timer signaling when the data could be released or sold, alongside sample files, such as identification cards and official records, that were intended to substantiate the claim.
The incident is believed to follow a “double extortion” tactic, in which stolen data is both threatened with public release and offered for sale.
Despite this, DPWH Secretary Vince Dizon said the agency has already coordinated with the Department of Information and Communications Technology (DICT) to assess the situation.
The DICT, through the Cybercrime Investigation and Coordinating Center (CICC), has launched an investigation into the alleged ransomware activity.
However, Dizon said initial findings indicate that DPWH’s internal systems remain secure, with no confirmed evidence that files were accessed or exfiltrated.
Authorities have yet to issue a final determination as verification of the alleged breach continues.