SchoolBreach.org
BreachesTrendsToolsLearnAbout
Free Security Check
Security Check
SchoolBreach.org

A public resource tracking data breaches in Philippine schools. Helping administrators protect student data through awareness, education, and free security tools.

© 2026 SchoolBreach.org · A community service by OceanEd

Navigate

  • Breaches
  • Trends
  • Tools
  • Learn
  • Methodology

Company

  • About
  • Privacy Policy
  • Terms of Service
  • Contact Us

Disclaimer: This tracker is maintained for educational and awareness purposes. Incidents are documented using threat intelligence monitoring, Philippine media reports, NPC filings, and responsible disclosures. Social media platforms are monitored for leads and are corroborated before publication or naming — never through active scanning or exploitation. Severity ratings and summaries are prepared with AI assistance and reviewed editorially. Full methodology →

Back to Breach Tracker
Database Leak
HighResolved

University of Southeastern Philippines (USeP)

A hacker using the alias 'MaxxX' advertised a dataset containing over 175,000 lines of student data from USeP's Student Records Information System, including IDs, names, emails, and academic records.

September 1, 2025Davao City, Davao Region175,000+ records affected

Key Facts

Date of Incident
September 1, 2025
Date Discovered
September 1, 2025
Records Affected
175,000+
Source
SunStar Davao
Data Types Exposed
Student ID numbersStudent namesEmail addressesEnrollment statusAcademic monitoring recordsTransaction logsSystem logs
Response / Action Taken

USeP migrated to secure server, removed malicious code, and implemented additional security measures.

What Happened

Cybersecurity monitoring group Deep Web Konek flagged a post by a threat actor using the alias "MaxxX" who advertised a dataset allegedly containing over 175,000 lines of information from the University of Southeastern Philippines (USeP). The data was reportedly extracted from USeP's Student Records Information System (SRIS).

The threat actor claimed the compromised database was over 20MB in size, contained in an SQL file. The dataset was posted for sale on the cybercrime forum.

According to a separate Deep Web Konek report, the alleged tables included: enrolled, student records, monitoring, users, transaction, and system log — suggesting the threat actor possessed administrative-level access based on the breadth of data accessed. The records may encompass both current students and alumni retained in institutional databases.

Data Exposed

The alleged leak included:

  • Student ID numbers
  • Full student names
  • Email addresses
  • Enrollment status
  • Academic monitoring records
  • Transaction data
  • System log data

How This Attack Likely Works

The presence of an SQL file and malicious redirection codes on the server suggests either SQL injection (injecting malicious database queries through web forms to extract data) or web shell upload (uploading a backdoor script through an insecure file upload feature). The malicious redirection codes USeP found indicate the attacker had write access to the web server, which points to a compromised web application rather than direct database access.

USeP's Response

Following the breach, USeP announced several measures:

  • Migrated to a more secure server
  • Removed malicious redirection codes found in their systems
  • Began implementing broader measures to prevent similar incidents

USeP clarified that the SRIS is designed only as a platform for tracking and processing requests for student and alumni credentials, and does not store the credentials themselves.

How to Prevent This

  1. 1.Use parameterized queries / prepared statements — this eliminates SQL injection, the most likely attack vector when data is exfiltrated as an SQL file
  2. 2.Validate and sanitize all file uploads — restrict allowed file types, scan uploads for malicious content, and store uploaded files outside the web root
  3. 3.Implement a Web Application Firewall (WAF) — services like Cloudflare (free tier available) can block SQL injection and web shell upload attempts
  4. 4.Monitor file integrity — use tools like AIDE or Tripwire to detect when server files are modified (e.g., malicious redirection code being injected)
  5. 5.Keep your platform updated — if using a CMS or framework, apply security patches promptly. If using a custom-built system, schedule regular code security reviews
  6. 6.Restrict database user permissions — the web application's database user should only have SELECT access to the tables it needs, never full admin privileges
  7. 7.Monitor for data exfiltration — set alerts for unusually large database queries or bulk data exports from the student records system

Sources & References

All sources are independently verified. Access dates and archive links are recorded for each citation.

  1. [1]
    SunStar Davao — USeP upgrades cybersecurity after data breach — confirms SRIS unauthorized access, server migration, and security measures
  2. [2]
    Daily Dark Web — University of Southeastern Philippines database allegedly breached — student data for sale
USePstudent recordsDavaodatabase leakDeep Web Konek

Related Incidents

Critical

University of the Philippines Mindanao (UP Mindanao)

August 12, 2025

Critical

A private IT-focused university chain in the Philippines

May 27, 2026

Critical

A state university in Mindanao

May 10, 2026

Know of a Breach?

Help us keep this tracker accurate and complete. Report school data breaches confidentially.

Report a Breach

Is This Entry Inaccurate?

If you represent the named institution or have evidence that corrects or updates this entry, you can request a correction or submit an official statement for publication.

We review all correction requests and respond within 5 business days. Verified corrections are applied promptly. Institutions may also submit a statement that will appear on this page as a right of reply.

Request a Correction

Protect Your School

Use our free tools and guides to assess your school's security posture.

Free Security ToolsGuides & Resources