19/01/2026
5 Biggest Data Breaches in the Philippines
Cybersecurity threats have risen in the Philippines in recent years, posing significant challenges to businesses, government organizations, and individuals.
In fact, the first half of 2023 alone saw a 152% increase in cybercrime incidents in Metro Manila compared to the same period in 2022. The booming digital landscape makes it a fertile ground for opportunists, emphasizing the importance of understanding how data breaches affect your organization's cybersecurity moving forward.
In line with that goal, this post explores how vulnerable Filipino organizations are to cyber attacks, plus some of the biggest data breaches in the Philippines. It also shares helpful strategies to keep threats from compromising your company's data and security.
Are Filipino Organizations Ready Against Cyber Attacks?
Cyber threats loom larger than ever in the Philippines, with 75% of organizations having experienced an attack throughout their lifetime. This figure significantly surpasses the Asia-Pacific (APAC) average of 59%. Ultimately, the scenario underlines the urgent need for heightened vigilance and proactive measures against constantly evolving threats and vulnerabilities.
Malware attacks comprise a significant percentage (29%) of these incidents. It involves attackers infiltrating IT systems via software to wreak havoc and steal valuable data, including personal details and financial information. Phishing, which entails tricking unsuspecting users into revealing sensitive information, follows behind (21%). Password attacks and theft come in third (13%).
Indeed, these numbers seem daunting. However, it's even more concerning to learn that only 27% of companies in the Philippines are "mature" in terms of overall cybersecurity readiness. The good news is you can bridge this gap by incorporating cutting-edge technologies, like cloud computing, into your business.
5 Notable Data Breaches in the Philippines
The following cybersecurity breaches that happened in the Philippines emphasize the urgency of robust cybersecurity measures in an increasingly digital country.
1. Comelec Data Breach (2016)
A month before the 2016 national elections, the Commission on Elections (Comelec) suffered a large-scale attack many consider the most significant government-related data breach. It involved hackers accessing and compromising data from roughly 70 million people—more than half of the country's population—including:
Fingerprint data
Passport information
Email addresses
Postal addresses
Birthplace
Height and weight
Gender
Marital status
Parents' names
The hacker group Anonymous Philippines claimed responsibility for the attack, which amounted to a data dump of 340 GB. For its part, Comelec continues to beef up the security of its website and database.
2. Wendy's Philippines (2017)
On April 23, 2017, hackers infiltrated the fast food chain Wendy's Philippines' website, exposing over 82,000 customer and employee records, including names, email addresses, postal addresses, and resumes. In response, the National Privacy Commission (NPC) obliged the company to notify those affected.
Upon further investigation, the NPC also found the attackers had compromised account passwords, transaction details, and modes of payment. The Commission required Wendy's Philippines to perform a cybersecurity assessment to identify vulnerabilities and prevent further incidents.
3. Cebuana Lhuillier Marketing Server Branch (2019)
Pawnshop and remittance company Cebuana Lhuillier became a data breach victim in January 2019. The incident occurred when hackers infiltrated one of Cebuana's email servers for its marketing activities, compromising the data of roughly 900,000 clients, which is 3% of its total clientele. The company also traced unauthorized downloads dating back to August 2018.
In its official statement, Cebuana Lhuillier revealed that the data dump included customer birthdays, addresses, and sources of income. Fortunately, financial transaction details were safe from the attack. The company collaborated with the NPC to perform an internal investigation and improve its cybersecurity following the incident.
4. UCPB Independence Day Cyber Attacks (2020)
The government-controlled United Coconut Planters Bank (UCPB) lost millions of pesos through numerous online transfers and automated teller machine (ATM) withdrawals during the three-day holiday in June 2020. In one case, the culprits made 57 withdrawals from a single ATM, taking out its entire ₱4 million stock. The total losses amounted to ₱167 million.
A bank official reported that the hackers held UCPB accounts, which they used with other local banks to transfer and withdraw the money. Based on theories, the culprits might have had inside help and could be a part of a larger syndicate operating in the local banking system.
Thankfully, the funds of account holders remain safe, with UCPB vowing to improve its cybersecurity infrastructure.
5. PhilHealth Medusa Attack (2023)
The recent attack on the Philippine Health Insurance Corporation (PhilHealth) has far-reaching implications for the government's cybersecurity capabilities. As of October 10, hackers have begun releasing stolen data on the dark web, including confidential memos and member data (i.e., addresses, phone numbers, and insurance IDs). They demanded $300,000 (₱17 million) in exchange for the stolen information.
The hacker group, which the government calls Medusa, accessed the data on September 22 after restricting PhilHealth staff from accessing their system. The insurance corporation shut it to prevent further damage, but the hackers had already secured 734 GB of files. PhilHealth has 59 million direct and indirect contributions.
Meanwhile, the Philippine government refuses to pay ransom. Instead, it focuses on reinforcing cybersecurity via audits and other security measures.
Companies are prone to cyber threats. This post describes some of the biggest data breaches in the Philippines and how to prevent them on your end. | Yondu
