SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Website Defacement
MediumResolved

University of the Philippines Visayas (UPV)

The University of the Philippines Visayas website was defaced, prompting UPV to temporarily take down its web server and conduct a security audit.

June 11, 2020Miagao, Iloilo, Western VisayasUnknown records affected

Key Facts

Date of Incident
June 11, 2020
Date Discovered
June 11, 2020
Records Affected
Unknown
Source
GMA News
Data Types Exposed
Website content
Response / Action Taken

UPV temporarily took down web server. Security audit conducted. Preventive measures implemented.

What Happened

On June 11, 2020, the University of the Philippines Visayas (UPV) confirmed that its official website (upv.edu.ph) was defaced. In a Facebook post, the university stated: "We have temporarily taken down our webserver after receiving and verifying the information that there was a defacement of the UPV website."

The defacement was part of a broader wave of attacks targeting Philippine educational institutions during June 2020, as schools transitioned to online learning during the COVID-19 pandemic.

Response

UPV's technical team conducted a security audit and implemented steps to prevent further incidents. The university temporarily took down its web server while the investigation and remediation were underway.

Broader Context

UPV was one of over 20 Philippine schools hacked in June 2020 alone. The wave of attacks coincided with the shift to online education during the pandemic, exposing widespread security weaknesses across Philippine educational institutions.

How to Prevent This

  1. 1.Keep web server software updated — ensure CMS platforms, plugins, and server software are patched against known vulnerabilities
  2. 2.Implement a Web Application Firewall (WAF) — to block common defacement techniques like SQL injection and cross-site scripting
  3. 3.Use file integrity monitoring — tools that alert when website files are modified unexpectedly
  4. 4.Restrict admin access — use strong passwords, MFA, and IP whitelisting for administrative panels
  5. 5.Maintain regular backups — so defaced sites can be quickly restored while the root cause is investigated

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    GMA News — UP Visayas takes down site after defacement (June 13, 2020)
  2. [2]
    Secuna Blog — More than 20 Philippine schools hacked just this June — UPV listed among affected institutions
  3. [3]
    GitHub (ajdumanhug/gothacked) — Registry of Philippine school hacking incidents — UPV listed June 11, 2020
UPVUP Visayaswebsite defacementIloiloCOVID-19 online learning

Related Incidents

Critical

A private medical college in Cebu City

June 24, 2026

Low

A foundation college in Mindanao

May 3, 2026

High

A state university in MIMAROPA

May 2, 2026

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources