What Happened
On June 27, 2020, the Pinoy Greyhats (a variant spelling of Pinoy Grayhats) conducted a data leak targeting Northwest Samar State University (NwSSU) in Calbayog City, Western Samar.
Unlike many of the June 2020 school attacks that were primarily website defacements or unauthorized access demonstrations, this incident involved the actual exfiltration and leaking of data — making it more severe.
What Was Potentially Exposed
As a data leak (rather than just defacement), compromised data likely included:
- Student personal information
- Academic records
- Internal university documents
Why This Breach Matters
- Data leak vs. defacement — data leaks cause lasting harm because the information cannot be "undeleted" once exposed
- Regional state university — NwSSU serves students from one of the less-developed regions of the Philippines, where alternative educational options may be limited
- Escalation pattern — the June 2020 attacks escalated from defacements to data leaks as the month progressed
Lessons for Schools
- 1.Protect databases, not just websites — preventing defacement is not enough; database access controls are critical
- 2.Encrypt sensitive data at rest — even if attackers gain access, encrypted data is useless without the keys
- 3.Monitor for data exfiltration — logging and alerting on unusual database queries can detect attacks in progress
Sources & References
- [1]GitHub Registry — Community-maintained registry of Philippine school hacking incidents (May-June 2020)
NwSSUCalbayogEastern VisayasPinoy Greyhats2020pandemicdata leakstate university