Cyber Incident Victim: House of Representatives

On October 15, 2023, the Department of Information and Communications Technology (DICT) confirmed a cybersecurity incident affecting the official website of the House of Representatives (HOR), congress.gov.ph. The breach occurred on October 14, when unauthorized actors replaced the homepage with an image of a meme captioned “you’ve been hacked,” attributed to a group identifying as 3musketeerz. The HOR promptly took the website offline to contain further unauthorized access and reported the incident to the DICT for investigation. The DICT’s Philippine National Computer Emergency Response Team (CERT-PH) initiated an examination to assess the scope of the compromise, including whether sensitive data was accessed by the threat actor. No details were disclosed regarding the specific attack vector or duration of unauthorized access prior to detection.

The DICT provided recommendations to the HOR IT team to strengthen website security and prevent future breaches, though specifics of these measures were not disclosed. CERT-PH’s investigation remained ongoing as of the reporting date, with plans to transition findings to the Cybercrime Investigation and Coordinating Center (CICC) and law enforcement agencies for threat actor attribution and legal case development. The DICT emphasized its role in supporting government agencies to secure their ICT systems but clarified that agencies retain primary responsibility for their infrastructure. No timeline was provided for restoring the HOR website, which remained offline during the investigation. The incident marked a visible disruption to a government digital service, though impacts on legislative operations or data integrity were unconfirmed pending the investigation’s completion.