SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Website Defacement
LowResolved

A private university in Cebu City

The name of this institution has been withheld pending verification of the source. This entry is based on an unconfirmed report.

Fawkes Pilipinas, affiliated with Nullsec Philippines, claimed to have defaced the A private university in Cebu City Publishing House subdomain. The group posted a defacement page at A private university in Cebu City and stated they identified vulnerabilities in the subdomain but claimed no data was harmed.

April 1, 2026None (website only) records affected

Key Facts

Date of Incident
April 1, 2026
Date Discovered
April 1, 2026
Records Affected
None (website only)
Source
Fawkes Pilipinas (Facebook)
Data Types Exposed
Website content
Response / Action Taken

As of April 7, 2026, the affected subdomain returns a server error page, and the previously observed defacement content is not visible.

What Happened

On April 1, 2026, the threat actor group Fawkes Pilipinas posted on their Facebook page claiming to have defaced a subdomain of the A private university in Cebu City in Cebu City.

The group's message was addressed directly to the university:

"Greetings A private university in Cebu City. We have identified some vulnerabilities within your subdomain. We strongly advise that these issues be patched immediately to prevent any potential risks or incidents."

The post also referenced concerns about tuition costs, stating that "some students have expressed difficulty with the cost and feel they are unable to meet expected educational standards." The attackers claimed no data was harmed and that the action was "only to raise awareness."

What Was Compromised

Based on the threat actor's claim:

  • Subdomain defacement — a defacement page was uploaded to the A private university in Cebu City Publishing House subdomain (A private university in Cebu City)
  • No data exfiltration claimed — the group stated "no data has been harmed" and that they "simply left our names within your system"
  • Vulnerability identified — the attackers claimed to have found exploitable vulnerabilities in the subdomain

The defacement page displayed the Fawkes Pilipinas logo with the text "Infiltrated By Fawkes Pilipinas" along with a message about tuition fees and education quality concerns at the university.

Attacker

The defacement was posted by Fawkes Pilipinas and signed by 0xTerror. The defacement page listed group members: 0xSeve, 0xTerror, X10n, Ch4nc3ll0rx.1337, Lei$, 0xZh3n, Crypt0nymz, and Ph.Sydn3y.

Special greetings were included for: norxrcy, Nullsec Philippines, Zeus, CyberfrOst, DefacerPH, TN$, and Honksec.

Several of these handles are associated with previous Nullsec Philippines operations, including the MBHTE Bangsamoro breach on March 31, 2026, and the La Union colleges breach on March 29, 2026 — indicating an escalating campaign by this group.

Why This Breach Matters

  • Major private university — a well-established private university in Cebu City
  • Subdomain vulnerability — the attackers exploited a subdomain (Publishing House), highlighting how ancillary web properties can be overlooked in security planning
  • Escalating campaign — this is the third Fawkes Pilipinas / Nullsec Philippines attack against a Philippine educational institution in four days (La Union on March 29, MBHTE on March 31, A private university in Cebu City on April 1)
  • Hacktivist messaging — the group embedded grievances about tuition costs and education quality, using the defacement as a platform for social commentary

How to Prevent This

  1. 1.Audit all subdomains — maintain an inventory of all subdomains and ensure each meets the same security standards as the main website
  2. 2.Patch and update web applications — ensure CMS platforms, plugins, and server software on all subdomains are up to date
  3. 3.Implement file integrity monitoring — detect unauthorized changes to web files in real time
  4. 4.Use a Web Application Firewall (WAF) — protect all public-facing subdomains, not just the primary domain
  5. 5.Restrict file upload capabilities — prevent unauthorized users from uploading files to web-accessible directories
  6. 6.Conduct regular penetration testing — include all subdomains in the scope of security assessments
Cebu CityCentral Visayasprivate universitywebsite defacementNullsecPhilippinesFawkes Pilipinashacktivism2026subdomain vulnerability

Related Incidents

Critical

A private medical college in Cebu City

June 24, 2026

Critical

A private Catholic university in Mindanao

June 2, 2026

Low

A foundation college in Mindanao

May 3, 2026

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources