Sunday, February 9, 2025
HomeCyber Security NewsMassive NBI Data Breach Exposes Millions of Users Records Online

Massive NBI Data Breach Exposes Millions of Users Records Online

Published on

SIEM as a Service

Follow Us on Google News

The National Bureau of Investigation (NBI), the Philippines’ top investigative agency, has reportedly been compromised, exposing the sensitive data of millions of Filipinos.

A dark web user operating under the pseudonym “Zodiac Killer” has taken responsibility for the attack, claiming to have leaked extensive personal and financial records.

The breach involves a staggering 3.6 GB of data, spanning from 2016 to 2024, with over 45 million records allegedly exposed.

According to the Kukublan report, the leaked database reportedly contains full names, addresses, transaction IDs, contact information, and detailed location data of affected individuals.

Password-protected files supposedly containing highly sensitive NBI records have also been shared by the attacker.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

dark web
dark web

The Hacker and the Breach

“Zodiac Killer,” a new figure on the dark web, created their account in January 2025 and has only posted this breach.

The hacker claims the files, compressed into archives, are available via file-sharing platforms such as Mega.nz.Particularly troubling is that the breach appears to involve systems handling NBI clearance applications or financial transactions. Leaked data fields include:

  • Full names
  • Complete addresses (street, barangay, city, and province)
  • Transaction details, including IDs, dates, and purposes
  • Contact numbers and other personal identifiers
Leaked data
Leaked data

These details strongly indicate that the compromised system managed clearance issuance, background checks, or related processes.

If the breach is verified, its impacts could be far-reaching, putting millions at risk of identity theft, financial fraud, and other cybercrimes.

NBI clearance data is widely used for official purposes such as employment, travel, and legal filings, making the leaked information particularly valuable to cybercriminals.

Thus far, the NBI has remained silent, leaving the public questioning when or if an official statement or mitigation plan will be released.

This alarming incident is the latest in a string of cyberattacks targeting Philippine government institutions, underscoring persistent vulnerabilities in critical systems.

The public release of such sensitive information by “Zodiac Killer” highlights the growing sophistication of cyber threats and the urgent need for heightened cybersecurity measures.

Filipinos affected by the breach are advised to monitor their accounts for suspicious activity and consider identity protection services to mitigate potential risks.

Meanwhile, the government faces mounting pressure to address these vulnerabilities and strengthen its digital defenses to prevent future attacks.

Integrating Application Security into Your CI/CD Workflows Using Jenkins & Jira -> Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...

Cybercriminals Target IIS Servers to Spread BadIIS Malware

A recent wave of cyberattacks has revealed the exploitation of Microsoft Internet Information Services...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

UK Pressures Apple to Create Global Backdoor To Spy on Encrypted iCloud Access

United Kingdom has reportedly ordered Apple to create a backdoor allowing access to all...

Autonomous LLMs Reshaping Pen Testing: Real-World AD Breaches and the Future of Cybersecurity

Large Language Models (LLMs) are transforming penetration testing (pen testing), leveraging their advanced reasoning...

Securing GAI-Driven Semantic Communications: A Novel Defense Against Backdoor Attacks

Semantic communication systems, powered by Generative AI (GAI), are transforming the way information is...