SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Unauthorized Access
MediumResolved

Cebu Normal University (CNU)

Cebu Normal University's Learning Management System was breached by the Pinoy Grayhats group as part of a wave of attacks on Philippine university portals in June 2020.

June 17, 2020Cebu City, Central VisayasUnknown records affected

Key Facts

Date of Incident
June 17, 2020
Date Discovered
June 17, 2020
Records Affected
Unknown
Source
Manila Bulletin
Data Types Exposed
LMS dataStudent portal data
Response / Action Taken

No official public statement from CNU at the time of reporting.

What Happened

On June 17, 2020, Cebu Normal University's Learning Management System (lms.cnu.edu.ph) was breached by the hacker group Pinoy Grayhats. The attack occurred on the same day as breaches against Far Eastern University, Tarlac Agricultural University, University of St. La Salle, ICCT Colleges, and AMA University.

Broader Context

CNU was one of over 20 Philippine schools hacked in June 2020 alone. The Pinoy Grayhats group stated they had checked school websites from May to June 2020 and found at least 20 with vulnerabilities. They claimed their goal was to expose security weaknesses and push schools to improve their security posture.

How to Prevent This

  1. 1.Conduct regular security assessments of LMS platforms — learning management systems are high-value targets that contain student data
  2. 2.Keep LMS software updated — apply security patches promptly
  3. 3.Implement strong authentication — require MFA for admin and staff LMS accounts
  4. 4.Use parameterized queries — prevent SQL injection in custom LMS modules
  5. 5.Monitor for unauthorized access — enable logging and alerting on LMS admin actions

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    Manila Bulletin — FEU calls on students to reset passwords — CNU mentioned as part of broader wave (June 19, 2020)
  2. [2]
    Secuna Blog — More than 20 Philippine schools hacked just this June — CNU listed among affected institutions
  3. [3]
    GitHub (ajdumanhug/gothacked) — Registry of Philippine school hacking incidents — CNU LMS listed June 17, 2020 by Pinoy Grayhats
CNUCebuLMSPinoy GrayhatsCOVID-19 online learning

Related Incidents

High

Rizal Technological University (RTU)

June 29, 2020

High

Our Lady of Fatima University (OLFU)

June 25, 2020

High

University of Mindanao (UM)

June 18, 2020

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources