A threat actor has allegedly put a database belonging to the Schools Division of Masbate up for sale on a dark web forum. The victim, a division of the Philippine Department of Education, is a crucial government body responsible for overseeing the public education system throughout the province of Masbate in the Philippines. The database allegedly contains over 115,882 records, compromising the sensitive personal information of both students and faculty members under its jurisdiction.
The seller claims the data breach occurred in August 2025 and is offering the entire database for $480 in cryptocurrency. The exposure of such detailed information poses a significant risk of identity theft, phishing attacks, and other malicious activities targeting vulnerable individuals, including minors and educational staff. The compromised data allegedly includes a wide range of personally identifiable information (PII).
The following data is allegedly included in the leak:
- For Faculties: Full name, Employee Number, School Assigned, Position Title, First Day of Service, Sex, Civil Status, Date of Birth, and Permanent Address.
- For Students: Full Name, School Name, Learner Reference Number (LRN), Gender, Date of Birth, Contact Number, Present & Permanent Address, and School Year Graduated.
