A threat actor has allegedly breached the University of Southeastern Philippines (USeP) and is offering its database for sale on a dark web forum. USeP is a prominent state university located in Davao City, on the island of Mindanao in the Philippines. As a major public research and educational institution in the region, it holds a significant amount of data on its students and faculty. The alleged breach exposes sensitive information, posing a risk to the individuals involved.
The threat actor claims the compromised database is over 20MB in size, containing more than 175,000 lines of data in an SQL file. The leaked information allegedly includes extensive personal identifiable information (PII) of students, such as full names, email addresses, phone numbers, home addresses, and academic details. The forum post listed numerous database tables that were allegedly exfiltrated, indicating a comprehensive data breach. The compromised tables allegedly include:
- editedreq
- enrolled
- global
- images
- monitoring
- pos
- requesttable
- requesttable12
- requesttableold
- studrecords
- systemlog
- transaction
- tryy
- users
