Back to Breach Tracker
Unauthorized Access
MediumResolved

Mabalacat City College (MCC)

The Pinoy Grayhats breached Mabalacat City College's website (mcc.edu.ph) as part of the June 2020 wave of school cyberattacks during the pandemic shift to online learning.

June 18, 2020Mabalacat, Pampanga, Central LuzonUnknown records affected

Key Facts

Date of Incident
June 18, 2020
Date Discovered
June 18, 2020
Records Affected
Unknown
Source
GitHub (ajdumanhug/gothacked)
Data Types Exposed
Website contentStudent personal information
Response / Action Taken

MCC addressed the security vulnerabilities after the breach was disclosed.

What Happened

On June 18, 2020, the Pinoy Grayhats hacker group gained unauthorized access to the website of Mabalacat City College (MCC) at mcc.edu.ph in Mabalacat, Pampanga.

MCC is a local city college that was transitioning to online services during the COVID-19 pandemic. The breach highlighted how smaller, city-level institutions were equally vulnerable.

Context

The breach occurred on the same day as attacks against Apayao State College, Bulacan State University, DepEd Caraga, and other institutions — showing the systematic nature of the Pinoy Grayhats campaign.

Lessons for Schools

  1. 1.City colleges need security support — local government-funded schools often lack dedicated IT security staff
  2. 2.Shared hosting environments are risky — smaller institutions on shared hosting should ensure isolation between accounts
  3. 3.Free security tools exist — tools like Cloudflare (free tier), Let's Encrypt (free SSL), and OWASP ZAP (free scanner) can significantly improve security without cost

Sources & References

  1. [1]
    GitHub Registry Community-maintained registry of Philippine school hacking incidents (May-June 2020)
MCCMabalacatCentral LuzonPinoy Grayhats2020pandemiccity college