What Happened
On June 17, 2020, a hacker group called FilTech Hackers Philippines gained unauthorized access to the job fair portal of Manuel S. Enverga University Foundation (MSEUF) at jobfair.mseuf.edu.ph in Lucena City.
Unlike most other school breaches during this period which were attributed to Pinoy Grayhats, this attack came from a different group — indicating that multiple threat actors were simultaneously targeting Philippine schools.
What Was Potentially Exposed
The job fair portal likely contained:
- Graduate and alumni personal information
- Resumes and employment histories
- Contact details and addresses
- Employer partner data
Why This Breach Stands Out
- Different attacker group — while Pinoy Grayhats dominated the June 2020 school hacking wave, FilTech Hackers Philippines independently targeted MSEUF, showing how visible school vulnerabilities attracted multiple threat actors
- Employment data at risk — job fair portals contain particularly sensitive career and financial information
Lessons for Schools
- 1.Secure all subdomains — ancillary portals like job fair sites often receive less security attention than main student portals
- 2.Minimize data retention — job fair data should be purged after events conclude to reduce exposure risk
- 3.Apply consistent security standards — every web application under the school's domain should meet the same security baseline
Sources & References
- [1]GitHub Registry — Community-maintained registry of Philippine school hacking incidents (May-June 2020)
MSEUFLucenaCALABARZONFilTech Hackers Philippines2020pandemicjob fair portal