What Happened
On May 29, 2020, a group called the Philippine Hacking University (PHU) breached the database of ACCESS Computer College, a chain of computer education institutions with multiple campuses across the Philippines.
This incident predates the June 2020 mass hacking wave and is considered one of the earliest attacks in the pandemic-era school cybersecurity crisis.
What Was Potentially Exposed
The database breach potentially exposed:
- Student personal information across multiple campuses
- Academic and enrollment records
- Internal administrative data
Why This Breach Matters
- First of the 2020 wave — this breach, occurring in late May, signaled the beginning of what would become a massive June 2020 hacking spree targeting Philippine schools
- Computer college targeted — similar to the TIP breach, a technology-focused institution being hacked highlights the gap between teaching IT and practicing security
- PHU involvement — the Philippine Hacking University group would go on to collaborate with Pinoy Grayhats in subsequent school attacks
Lessons for Schools
- 1.Multi-campus institutions need centralized security — a breach at one campus can expose data from all campuses
- 2.Database security is paramount — ensure databases are not directly accessible from the internet
- 3.Security awareness must be practiced, not just taught — IT education institutions should model the security practices they teach
Sources & References
- [1]GitHub Registry — Community-maintained registry of Philippine school hacking incidents (May-June 2020)
ACCESScomputer collegePHUPhilippine Hacking University2020pandemicdatabase leak