SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Database Leak
HighResolved

A private college in Silang, Cavite

The name of this institution has been withheld pending verification of the source. This entry is based on an unconfirmed report.

Storm Breaker Security PH claimed on Facebook to have leaked the database of a private college in Cavite via SQL injection. The post included screenshots of database table structures exposing faculty, facility, organization, and building data, along with a Mediafire link to the full database dump.

January 12, 2026Unknown records affected

Key Facts

Date of Incident
January 12, 2026
Date Discovered
January 12, 2026
Records Affected
Unknown
Source
Storm Breaker Security PH (Facebook)
Data Types Exposed
Faculty employee numbersEmployee namesDepartment assignmentsFacility recordsOrganization recordsBuilding and office dataContact persons
Response / Action Taken

No official acknowledgement from the institution. The underlying vulnerability appears to have been addressed as of April 2026. No media coverage of the incident has been found.

What Happened

On January 12, 2026, the threat actor group Storm Breaker Security PH posted on their Facebook page claiming to have breached the database of a private college in Cavite. The post was addressed directly to the institution's administrators: "Dear Admin of [redacted], your database has been leaked. What steps will you take to further secure your website to prevent it from being accessed by hackers."

The post included a Mediafire link to a file titled "College-Databases-Leak.txt" containing the dumped database contents.

How the Attack Was Carried Out

Screenshots show the attacker exploiting a classic SQL injection vulnerability in the college's website. The URL visible in the screenshot shows a `officesView.php?id=1%27` parameter — the `%27` is a URL-encoded single quote (`'`), a hallmark of SQL injection testing. This indicates the web application failed to sanitize user input in URL query parameters, allowing the attacker to extract the underlying database.

What Was Compromised

The leaked database schema reveals the following tables and columns:

  • tbl_faculty — faculty_no, Employee_No, Employee_Name, Department, Picture
  • tbl_facility — fcl_id, fcl_name, fcl_desc, fcl_photo
  • tbl_organization — org_id, org_name, org_desc, org_mod, org_img
  • tbl_cluster — cluster_id, cluster_name
  • tbl_dept — dept_id, dept_name
  • tbl_building — building_name, office_name, contact_person, designation

The faculty table is the most sensitive, containing employee identification numbers and full names linked to departments — information that could be used for identity fraud or social engineering.

Attacker

Storm Breaker Security PH listed team members as: Ph.Error, Assa, Ph.Bl4ke, Sig04i, Ph.Madac, and Vindrax. The post included special greetings to Black Bytes, Pinoy XploitSec, xBL4z3R-Sec PH, and Anonymous San Mateo, and was addressed to "all of the anonymous hacker in the Philippines."

Why This Breach Matters

  • SQL injection in 2026 — this is one of the oldest and most well-documented web vulnerabilities (OWASP Top 10), yet educational institutions continue to be compromised by it
  • Faculty PII exposed — employee numbers, names, and department assignments can enable targeted phishing and identity fraud
  • Public database dump — the full database was made available for download on Mediafire, meaning anyone could access it
  • Pattern of targeting — Storm Breaker Security PH has conducted multiple attacks against Philippine educational institutions in early 2026

How to Prevent This

  1. 1.Use parameterized queries / prepared statements — never concatenate user input directly into SQL queries
  2. 2.Implement input validation — sanitize and validate all URL parameters and form inputs
  3. 3.Deploy a Web Application Firewall (WAF) — to detect and block SQL injection attempts
  4. 4.Conduct regular security audits — test web applications for OWASP Top 10 vulnerabilities
  5. 5.Apply the principle of least privilege — database accounts used by the web application should have minimal permissions
  6. 6.Encrypt sensitive data at rest — so that even if a database is dumped, PII is not immediately readable

Resolution

As of April 2026, the underlying SQL injection vulnerability appears to have been addressed. The institution has not issued any public acknowledgement of the breach, and no media coverage of the incident has been found.

SilangCaviteCALABARZONprivate schooldatabase leakSQL injectionStorm Breaker Security PHfaculty datahacktivism2026

Related Incidents

Low

A technical institute in Laguna

May 2, 2026

Critical

A private medical college in Cebu City

June 24, 2026

Critical

A private IT-focused university chain in the Philippines

May 27, 2026

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources