Cyber Incident Victim: Pasig City Government Employee Management System
Date:
Apr 2025
Location:
Philippines
Summary
A cyberattack was detected targeting the Pasig City Government Employee Management System, preventing employees from accessing the system. Officials reported no data leak so far, but the system remains offline while restoration efforts continue and the city collaborates with the Department of Information and Communications Technology to identify the source. The Human Resource Development Office will issue a memorandum on the system's status and the attack's impact on operations and data security, as investigations proceed and security measures are strengthened across all city systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 15, 2025, at approximately 08:00 PM, a cyberattack targeting the Pasig City Government Employee Management System (Pasig City GEMS) was detected. The attack prevented employees of the Pasig City government from logging into the system. As of the time of the report, no data leakage from the system had been confirmed. The inability to access the system disrupted normal employee‑related operations.
The Pasig City GEMS remained inaccessible and was kept offline until the issue could be resolved. The Pasig City government coordinated with the Department of Information and Communications Technology to identify the source of the attack. Restoration efforts were underway to bring the system back online. Simultaneously, an investigation was launched and security measures across all city systems were being strengthened. These actions were intended to contain the incident and prevent further disruption.
The Human Resource Development Office announced that it would issue a memorandum detailing the status of Pasig City GEMS, the impact of the cyberattack on office operations, and implications for data security. The memorandum would communicate the current situation to employees and stakeholders. No further specifics about the attack or its origins were provided in the available source.