Cyber Incident Victim: World Wide Fund for Nature Philippines

On February 25, 2014, the official websites of World Wildlife Fund (WWF) Philippines and its Earth Hour Philippines campaign were compromised by the Indonesian hacking group Gantengers Crew. The attackers defaced both websites, replacing legitimate content with a message declaring "Gantengers Crew Hacked you! :) Hacked WWF-Philippines, Indonesian h4x0r back! Greets / sh00ts To All Muslim hackers!" The defacement did not specify any political or ideological motive for the attack. The targeted domains included wwf.org.ph and earthhour.wwf.org.ph, with mirrors of the defaced pages archived on Zone-H under identification numbers 21848911 and 21848912 respectively. Both websites became inaccessible following the attack, displaying error messages when visitors attempted to access them. The incident marked a continuation of cybersecurity challenges for WWF affiliates, though no data breaches or leaks were reported in this specific event.

This attack occurred against the backdrop of prior security incidents affecting WWF's global operations. In 2013, WWF China had suffered a significant breach resulting in the exposure of login credentials for over 58,411 users, staff members, and clients. The 2014 Philippine incident differed in that it involved website defacement rather than data exfiltration, though both events demonstrated vulnerabilities within the organization's digital infrastructure. The Gantengers Crew's actions caused immediate operational disruption, taking both the primary WWF Philippines site and its Earth Hour campaign portal offline indefinitely. No technical details regarding detection methods, containment procedures, or restoration efforts were disclosed in available reporting. The websites remained non-functional at the time of initial media coverage, with no public statements from WWF Philippines regarding mitigation timelines or long-term impacts on their environmental advocacy programs.