SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Unauthorized Access
MediumResolved

Polytechnic University of the Philippines (PUP)

PUP's Student Information System (SIS) was hacked by the Pinoy Grayhats group as part of a wave of attacks targeting Philippine university portals in June 2020. PUP stated no sensitive data was compromised.

June 17, 2020Manila, National Capital RegionUnknown records affected

Key Facts

Date of Incident
June 17, 2020
Date Discovered
June 17, 2020
Records Affected
Unknown
Source
Manila Bulletin
Data Types Exposed
Student personal dataStudent information system records
Response / Action Taken

PUP ICTO investigated and strengthened security. NPC notified. Students advised to change passwords.

What Happened

The Polytechnic University of the Philippines (PUP) confirmed on June 18, 2020, that its Student Information System (SIS) was hacked. The attack was attributed to the hacker group "Pinoy Grayhats," the same group responsible for the FEU breach and attacks on multiple other Philippine schools that month.

PUP's Information and Communications Technology Office (ICTO) conducted an initial probe and stated that no "sensitive" user information was compromised, despite some student personal data being leaked.

How This Attack Works

The Pinoy Grayhats targeted student information systems with web application vulnerabilities — the same attack pattern used against FEU and other schools that month. Student portals built in-house by university IT departments often lack the security hardening of commercial software, making them vulnerable to common web attacks like SQL injection and authentication bypass.

PUP's case is notable because the university had a prior breach in 2018 (NPC Case BN 18-222), which was only formally closed in February 2023. This suggests that systemic security weaknesses persisted even after the first incident.

Broader Context

PUP was one of over 20 Philippine schools targeted by hackers in June 2020 alone. Other schools in the wave included FEU, San Beda University, Cebu Normal University, Tarlac Agricultural University, University of Mindanao, AMA University, and Bulacan State University.

The attacks highlighted the vulnerability of Philippine educational institutions as they transitioned to online learning during the COVID-19 pandemic.

Response

PUP's ICTO determined the extent of the breach and strengthened the information system's security features. The university informed the National Privacy Commission and advised students to change their passwords and take precautionary measures.

How to Prevent This

  1. 1.Schedule annual penetration tests — have external security professionals test your student portals at least once a year, and after any major code changes
  2. 2.Separate public-facing portals from internal databases — use an API layer between the web application and the database so the portal never has direct database access
  3. 3.Implement real-time intrusion detection — deploy tools like OSSEC or Suricata that alert when someone is probing your systems for vulnerabilities
  4. 4.Learn from prior incidents — if your school has been breached before, conduct a root cause analysis and verify that all identified vulnerabilities have been fixed
  5. 5.Consider using established SIS platforms — instead of maintaining custom-built portals, evaluate commercial or open-source student information systems that receive regular security updates
  6. 6.Implement Web Application Firewall (WAF) — a WAF can block common attack patterns like SQL injection and XSS before they reach your application

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    Manila Bulletin — PUP, FEU probe hacking of student portals (June 19, 2020)
  2. [2]
    Manila Bulletin — Anatomy of a hack: How hackers breached vulnerable PH schools (July 1, 2020)
  3. [3]
    PUP Official (Facebook) — PUP official statement on the hacking incident
  4. [4]
    GitHub (ajdumanhug/gothacked) — Registry of Philippine school hacking incidents — PUP Sta. Mesa listed June 18, 2020 by Pinoy Grayhats
  5. [5]
    PUP Official Announcement — PUP-ICTO official disclosure on the SIS security incident (June 18, 2020)
PUPstudent portalPinoy GrayhatsNPCManila

Related Incidents

High

Far Eastern University (FEU)

June 16, 2020

Critical

San Beda University (SBU)

June 4, 2020

High

Rizal Technological University (RTU)

June 29, 2020

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources