What Happened
On June 19, 2020, the Pinoy Grayhats hacker group gained unauthorized access to the website of Angeles University Foundation (AUF) at auf.edu.ph in Angeles City, Pampanga.
AUF is one of the largest private universities in Central Luzon. The breach was part of the ongoing June 2020 campaign by Pinoy Grayhats targeting vulnerabilities in Philippine school websites.
Context
On the same day, Pinoy Grayhats also breached Camarines Sur Polytechnic Colleges, University of the East, and the TIP Career Center — continuing a pattern of multiple schools being targeted daily.
Common Vulnerabilities
Philippine school websites during this period commonly suffered from:
- Outdated CMS platforms (WordPress, Joomla) with known vulnerabilities
- Weak or default admin credentials
- Missing SSL certificates
- No web application firewall protection
- Exposed .git directories revealing source code
Lessons for Schools
- 1.Audit all web assets regularly — schools with complex web presences need to track and secure every subdomain and application
- 2.Implement centralized logging — detect unauthorized access attempts before they succeed
- 3.Consider managed security services — schools with limited IT resources should consider outsourcing security monitoring
Sources & References
- [1]GitHub Registry — Community-maintained registry of Philippine school hacking incidents (May-June 2020)
AUFAngelesCentral LuzonPinoy Grayhats2020pandemicuniversity