Cyber Incident Victim: Department of Science and Technology
Date:
Aug 2023
Location:
Philippines
Summary
The Department of Science and Technology experienced a cybersecurity breach involving its OneExpert portal, where unauthorized access via a compromised account led to subsequent exposure of technical experts' and users' email addresses on a social media platform. The agency confirmed no sensitive personal information was compromised, implemented enhanced security measures, and characterized the incident as part of a series of cyberattacks targeting government entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Department of Science and Technology (DOST) confirmed a data breach affecting its OneExpert portal following a security incident first reported by the Philippine National Computer Emergency Response Team (CERT-PH) on August 31, 2023. An internal investigation by the DOST project team determined that a compromised user account had been used to gain unauthorized access to the website. Immediate containment actions were implemented, including the deployment of additional security measures, which allowed normal operations to resume shortly after the incident was detected. No further details about the technical nature of the breach or the specific mitigation steps were disclosed in the agency’s October 12, 2023, statement. On October 8, 2023, approximately five weeks after the initial breach, data resembling records from the OneExpert portal appeared in a Facebook post. The leaked information included publicly listed names of technical experts, their email addresses, and user email addresses associated with the portal. The DOST emphasized that no sensitive personal information was compromised, noting that OneExpert functions as a publicly accessible registry of Filipino experts designed to facilitate access to their services and broaden the reach of science and technology assistance nationwide.
The incident marked the third cyberattack targeting a Philippine government agency within a short timeframe, as reported by the Department of Information and Communications Technology (DICT) in an October 13, 2023, media segment. While the DICT did not specify whether the attacks were linked, an unnamed official cited the breaches as evidence supporting the need for confidential funds to bolster cybersecurity across government systems. The DOST reiterated that client or user lists were not directly accessible through the OneExpert portal and affirmed that all website usage was diligently monitored and documented as part of official agency records. No operational disruptions or financial impacts were described in the available statements. The agency committed to ongoing efforts to strengthen information system security but did not outline specific future measures or disclose the number of affected individuals beyond confirming the exposure of non-sensitive data.