SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Database Leak
HighConfirmed

DepEd Regional Office (Alleged 750GB Breach)

Cybersecurity group Deep Web Konek reported that a threat actor claimed to have exfiltrated 750GB of data from a DepEd office, including banking info and student/teacher records. DepEd denied any hacking occurred.

February 14, 2024Cabuyao, Laguna, CALABARZON750 GB of data exposed

Key Facts

Date of Incident
February 14, 2024
Date Discovered
February 14, 2024
Data Exposed
750 GB
Source
PhilStar
Data Types Exposed
Banking informationStudent recordsTeacher recordsGoogle email accounts
Response / Action Taken

DepEd denied hacking. SDO Cabuyao said all data intact. Coordination with DICT ongoing.

What Happened

On February 14, 2024, cybersecurity monitoring group Deep Web Konek reported on X (formerly Twitter) that a threat actor claimed to have hacked a DepEd database and acquired over 750 gigabytes of data. The information allegedly included banking information, student and teacher records, and Google email accounts.

Deep Web Konek identified the affected office as SDO Cabuyao in Laguna. The threat actor posted on the dark web that they would not leak the data to the public "yet" but might offer curated data in the future.

DepEd Response

DepEd's Schools Division Office (SDO) of Cabuyao conducted a thorough investigation and stated: "There was no hacking nor glitch occurred in any platform or system used by the SDO Cabuyao." They added that upon checking, all data were found intact.

DepEd also stated that its cybersecurity measures have been "effective" in protecting its network and sensitive information, and that they immediately activated security protocols and preventive measures.

Related Incidents

On February 15, 2024, hackers gained unauthorized access to DepEd-affiliated Facebook pages, flooding them with inappropriate content. This occurred just one day after the alleged data breach report.

This was also the second reported DepEd data incident in February 2024, following the OVAP database exposure discovered by vpnMentor.

Context

DepEd coordinated with the Department of Information and Communications Technology (DICT) regarding the reported data leak. The DICT isolated the investigation to the regional office level.

It is worth noting that Deep Web Konek later apologized for disseminating inaccurate information regarding a separate alleged leak of Philippine Statistics Authority (PSA) data, raising questions about verification standards for dark web claims.

How This Type of Attack Works

While this specific breach remains unverified, data exfiltration from government systems typically happens through compromised credentials (phishing or credential stuffing), exploiting unpatched vulnerabilities in web applications, or insider access. The threat actor's claim of 750GB suggests prolonged access or bulk database export.

How to Prevent This

  1. 1.Enable multi-factor authentication (MFA) on all staff accounts — this blocks credential stuffing and phishing attacks, which are the most common entry points
  2. 2.Deploy a web application firewall (WAF) — this protects against SQL injection, cross-site scripting, and other web-based attacks that could allow database export
  3. 3.Implement database activity monitoring (DAM) — tools that alert on unusual queries, bulk exports, or access from unfamiliar IPs
  4. 4.Maintain comprehensive audit logs — log all access to sensitive systems so you can verify or rule out unauthorized access when claims arise
  5. 5.Segment your network — keep student databases on isolated network segments so compromising one system does not grant access to all data
  6. 6.Patch systems promptly — apply security updates within 30 days for critical vulnerabilities, especially on internet-facing systems
  7. 7.Coordinate with DICT and NPC — have pre-established communication channels so incident response is swift when reports surface

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    PhilStar — DepEd verifying reports of data breach (Feb 14, 2024)
  2. [2]
    Manila Bulletin — 'There was no hacking', DepEd-Cabuyao clarifies following alleged cyberattack
  3. [3]
    Inquirer.net — DepEd: No hacking in regional offices despite alleged data leak
  4. [4]
    Interaksyon / PhilStar — Data leak, lewd Facebook page: DepEd-affiliated pages report data breach
  5. [5]
    PhilStar — DepEd checking data breach after hacking (Feb 15, 2024)
  6. [6]
    Philippine News Agency — DICT probes possible hacking of DepEd office — DICT investigating alleged 750GB data exfiltration
DepEddark webDeep Web KonekDICTalleged breach

Related Incidents

Critical

DepEd Cordillera Administrative Region (CAR)

November 19, 2025

Critical

DepEd Ilocos Norte & Aurora Divisions

November 1, 2025

Critical

DepEd Division of Laguna

October 4, 2025

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources