SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Database Leak
HighConfirmed

DepEd Schools Division of Masbate

A threat actor using the alias 'Unit' posted 115,882 records from the DepEd Schools Division of Masbate for sale at $480 in cryptocurrency, exposing both faculty employment details and student personal information including Learner Reference Numbers.

August 1, 2025Masbate, Bicol Region115,882 records affected

Key Facts

Date of Incident
August 1, 2025
Date Discovered
September 1, 2025
Records Affected
115,882
Source
Deep Web Konek
Data Types Exposed
Faculty namesEmployee numbersSchool assignmentsPosition titlesFirst day of serviceCivil statusBirth datesPermanent addressesStudent namesLearner Reference Numbers (LRN)Contact numbersSchool year graduated
Response / Action Taken

No official statement from DepEd Masbate at time of reporting.

What Happened

In August 2025, a threat actor using the alias "Unit" — a newly registered account on a cybercrime forum — posted a database for sale allegedly stolen from the DepEd Schools Division of Masbate (depedmasbate.ph). The database contains 115,882 records covering both faculty and student data.

The listing was priced at $480 (negotiable), payable in cryptocurrency only (preferably Monero), and restricted to a single buyer — a pattern suggesting the data was intended for targeted fraud operations rather than mass distribution.

Data Exposed

Faculty Records:

  • Full names and employee numbers
  • School assignments and position titles
  • First day of service
  • Sex and civil status
  • Date of birth
  • Permanent addresses

Student Records:

  • Full names
  • School names
  • Learner Reference Numbers (LRN)
  • Gender and date of birth
  • Contact numbers
  • Present and permanent addresses
  • School year graduated

Why This Breach Is Concerning

The exposure of Learner Reference Numbers (LRN) is particularly problematic because LRNs are permanent identifiers assigned to students by DepEd and used throughout their entire educational career. Unlike passwords, LRNs cannot be changed. Combined with birth dates and addresses, this data creates a comprehensive profile for identity theft targeting students — many of whom are minors.

The single-buyer restriction in the sale listing suggests the data may be used for targeted social engineering, phishing, or fraud rather than generic spam.

How to Prevent This

  1. 1.Secure the web application — conduct a vulnerability assessment of depedmasbate.ph to identify and patch the entry point
  2. 2.Restrict access to student LRN databases — only authorized personnel should be able to query student records in bulk
  3. 3.Monitor for data exfiltration — set alerts for large database queries or unusual export activity
  4. 4.Encrypt student and faculty PII at rest — so data is unreadable even if the database is compromised
  5. 5.Implement Web Application Firewall (WAF) — to block common attack vectors before they reach the application
  6. 6.Notify affected data subjects — comply with the Data Privacy Act's breach notification requirements

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    Deep Web Konek — DepEd Masbate Division database breached: 115,000 records exposed (Sep 2025)
DepEdMasbateBicolLRNstudent recordsfaculty recordsDeep Web Konek

Related Incidents

Critical

DepEd Cordillera Administrative Region (CAR)

November 19, 2025

Critical

DepEd Ilocos Norte & Aurora Divisions

November 1, 2025

Critical

DepEd Division of Laguna

October 4, 2025

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources