Cyber Incident Victim: Tertiary Education Subsidy

On March 16, 2019, unauthorized individuals breached the database of the Unified Student Financial Assistance System for Tertiary Education (UNIFAST), compromising the personal information of 1,130,899 applicants for the Tertiary Education Subsidy (TES). The attackers accessed and exfiltrated sensitive records containing student identification numbers, full names, dates of birth, addresses, and the names of both fathers and mothers. Following data extraction, the intruders deleted the TES database and deployed ransomware, a malicious program designed to coerce payment by threatening public release of the stolen information. The breach remained undisclosed to the public until Senator Sherwin Gatchalian revealed it in May 2019, citing an official document received by his office. The incident exposed highly sensitive familial and demographic details of over one million students seeking financial aid, creating significant risks of identity theft and financial fraud.

The ransomware attack left UNIFAST with no operational database for TES applicants, severely disrupting administrative functions related to subsidy distribution. Senator Gatchalian’s disclosure highlighted the absence of immediate public notification by UNIFAST following the March intrusion, raising concerns about transparency and incident response protocols. No information was provided regarding whether the ransom was paid, whether data was recovered from backups, or whether law enforcement initiated investigations. The breach underscored systemic vulnerabilities in safeguarding citizen data within Philippine educational assistance systems, impacting trust in government-managed financial aid programs. Its discovery two months after the intrusion delayed potential mitigation efforts for affected individuals, leaving them unaware of the exposure of their personal and familial information.